I am making an AJAX request from a subdomain to a primary domain. I created CORS so that the subdomain automatically binds to the allowed list of domains. I get an error 419 (unknown status), and after resetting the error I found that I am receiving a TokenMismatchException.
I also noticed that this is true because I also saw:
"_token" => "h7I07Iv0m4sF7XHhXjtygnfCtITgzCi3Ml8lfT7Z"
"_token" => "N118Izko7j5uf851MpijBXInFLaUVicRdf9uw3h4"
I obviously send a token with my AJAX request, as I see it in the header section when checking the request.
I assume there is some kind of mismatch because I am moving from my subdomain to my domain.
How can I align tokens in the main domain and in all subdomains so that I do not get an exception?
Note
All AJAX routes receive tokens from
<meta name="csrf-token" content="{{ csrf_token() }}">
Joining every request in
$.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});
EDIT
I placed it under session.php
"domain" => "." . env('APP_URL'),
due to cookies, although to be honest, I'm not sure what it does.
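
Added example, not part of the original post: a JavaScript model of the RFC 6265 domain-match rule, showing what a leading-dot `domain` value for the session cookie changes about which hosts receive it. The hostnames are constructed, the function names are hypothetical, public-suffix and IP-address checks are left out, and the third case assumes the configured value contains a full URL with a scheme.

```javascript
// Model of browser cookie scoping (RFC 6265 sections 5.1.3, 5.2.3 and 5.3).
// Hostnames below are constructed sample values.

// domain-match: the host equals the domain or is a subdomain of it.
function domainMatch(host, domain) {
  const h = host.toLowerCase();
  return h === domain || h.endsWith('.' + domain);
}

// What the browser stores when `setByHost` sends Set-Cookie with this Domain attribute.
function storeCookie(setByHost, domainAttr) {
  if (!domainAttr) {
    // No Domain attribute: host-only cookie, bound to the exact host that set it.
    return { domain: setByHost.toLowerCase(), hostOnly: true };
  }
  // One leading dot is dropped, so ".example.test" and "example.test" are equivalent.
  const domain = domainAttr.toLowerCase().replace(/^\./, '');
  // The setting host must itself domain-match, otherwise the cookie is ignored.
  if (!domainMatch(setByHost, domain)) return null;
  return { domain: domain, hostOnly: false };
}

// Whether a stored cookie is eligible to be attached to a request for `requestHost`.
function isSentTo(cookie, requestHost) {
  if (cookie === null) return false;
  const host = requestHost.toLowerCase();
  return cookie.hostOnly ? host === cookie.domain : domainMatch(host, cookie.domain);
}

// Does the session cookie set while rendering the page on `pageHost`
// (the session the meta-tag token belongs to) reach `apiHost`?
function sessionShared(domainAttr, pageHost, apiHost) {
  return isSentTo(storeCookie(pageHost, domainAttr), apiHost);
}

const page = 'shop.example.test'; // subdomain serving the page (constructed)
const api = 'example.test';       // primary domain receiving the AJAX call (constructed)

console.log({
  // Host-only cookie: the primary domain sees a different session, so the token differs.
  noDomainAttr: sessionShared(null, page, api),
  // Domain-scoped cookie: one session, and one CSRF token, across the subdomains.
  leadingDotDomain: sessionShared('.example.test', page, api),
  // A value built from a full URL is not a hostname; the cookie is ignored.
  domainFromFullUrl: sessionShared('.http://example.test', page, api),
});
```

Cookie eligibility is only half of the picture for a cross-origin XHR: the browser attaches cookies only when the request is made with `withCredentials` set and the server's CORS response allows credentials.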