Menu
My Laravel application is hosted on the same domain name (one application on only one subdomain, the other one on multiple subdomains) as another web application that use a XSRF-TOKEN cookie. The two cookies are conflicting. Is there any way to rename Laravel's cookie to something like XSRF-TOKEN_Second? I am using Laravel version 6. I apologize if the question was asked before, couldn't find an answer. Thanks!
My solution
The problem was, in .env APP_NAME had same value on both projects. Rename one and it will change the name of the session and no more conflicts.
837
asked Nov 14 '25 19:11
You can set your own token by modifying the response:
$response->headers->setCookie(
new Cookie(
'NEW-XSRF-TOKEN-NAME',
$request->session()->token(),
$this->availableAt(60 * $config['lifetime']),
$config['path'],
$config['domain'],
$config['secure'],
false,
false,
$config['same_site'] ?? null
)
);
And you should update your middleware for checking the new token. X-XSRF-TOKEN, as per their docs, is just there for developer convenience. However, I still urge you not to write your own csrf logic.
107
answered Nov 17 '25 16:11
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With