Reputation: 534

Laravel Page Expired 419

Some beginner Case:

I have an Upload Video Form from Drive, and when i upload a video from it, it takes a lot of times to upload the video. after finish uploaded, it return me an 419 expired.

so i assume the csrf_token has been change already when the video uploaded so the csrf doesnt match and return 419 (?)

i already do some test like:

change App\Http\Middleware\VerifyCsrfToken at protected $execpt and added my post link, the expired not comes out but it return a new problem with no post data sended.
i have been thinking about refreshing the div {{csrf_token()}} every x second with jquery but i think it will give me another problem latter.

This is my form

<form method="POST" action="/video/insert" enctype="multipart/form-data">
            {{csrf_field()}}
                <div class="form-group">
                    <label for="judul">Judul</label>
                    <input name="judul" type="text" class="form-control" id="judul" placeholder="Input judul">
                </div>
                <div class="form-group">
                    <label for="informasi">Informasi</label>
                    <input name="informasi" type="text" class="form-control" id="informasi" placeholder="Input informasi">
                </div>
                <div class="form-group">
                    <label for="link">Link</label>
                    <input name="link" type="file" class="form-control-file" id="link" placeholder="Input Link">
                </div>
                <div class="form-group" hidden="">
                    <label for="status"></label>
                    <input name="status" type="text" class="form-control" id="status" placeholder="Input status" value="Tidak Aktif">
                </div>
                <div class="form-group" hidden="">
                    <label for="outletstatus"></label>
                    <input name="outletstatus" type="text" class="form-control" id="outletstatus" placeholder="Input outletstatus" value="Tidak Aktif">
                </div>
                <div class="form-group" hidden="">
                    <label for="type"></label>
                    <input name="type" type="text" class="form-control" id="type" placeholder="Input type" value="Server">
                </div>
                <div class="form-group" hidden="">
                    <label for="user_id"></label>
                    <input name="user_id" type="text" class="form-control" id="user_id" placeholder="Input user_id" value="{{auth()->user()->id}}">
                </div>
                <div class="modal-footer">
                    <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
                    <button type="submit" class="btn btn-primary">Upload</button>
                </div>
            </form>

Web.php according to this issue

Route::group(['middleware'=>['auth','checkRole:Admin,Pengguna']],function()
{   // Video Controller
    Route::post('/video/insert','VideoController@insert');
});

Controller:

public function insert(Request $request){
    $video = \App\Video::create($request->all());
    function getName($n) { 
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; 
        $randomString = ''; 

        for ($i = 0; $i < $n; $i++) { 
            $index = rand(0, strlen($characters) - 1); 
            $randomString .= $characters[$index]; 
        } 

        return $randomString; 
    } 

    if($request->type=='Server'){
        $videoName = getName(10) . $request->file('link')->getClientOriginalName();
        $request->file('link')->move('videos/',$videoName);
        $video->link = $videoName;     
    }
    else{
        $video->link = 'https://www.youtube.com/embed/'.$request->link;
    }
    $video->type = $request->type;
    $video->save();
    return redirect('video')->with('status','Video berhasil ditambahkan!');
}

my question is:

is there a chance we send the csrf token after the video is uploaded? so the csrf is not expired, and do you guys have some reference or some best way to do to solve this problem?

Thank you.

Upvotes: 1

Answers (4)

akbar

Reputation: 773

Another thing that can be solution in addition of others that answered is to change

upload_max_filesize = 70M  post_max_size = 60M  memory_limit = 50M

in php.ini file. And check connection_timeout setting in webserver too.

Upvotes: 1

user10971804

Reputation: 281

Increase your session lifetime in config/session.php

'lifetime' => env('SESSION_LIFETIME', 120),

'expire_on_close' => false,

Upvotes: 1

Lalit Kumar

Reputation: 360

Check if there is any other form is open before this close it.

Upvotes: 0

chandirasekaranid

Reputation: 64

did you try wild card at protected $except variable with protocol

'http://www.example.com/video-uploader/*'

https://laravel.com/docs/5.8/csrf#csrf-excluding-uris

Upvotes: 0

Laravel Page Expired 419

Answers (4)

Related Questions