What causes the 419 Page Expired error in Laravel?

The 419 Page Expired error is commonly caused by: Missing @csrf directive in form, Session expired while form was open, CSRF token not included in AJAX request headers.

Which Laravel versions does this affect?

This error can occur in Laravel versions 8, 9, 10, 11, 12.

Security Laravel 8 Laravel 9 Laravel 10 Laravel 11 Laravel 12

419 Page Expired Error in Laravel - CSRF Token Fix

The 419 Page Expired error occurs when Laravel's CSRF token is missing, expired, or invalid during form submission.

The Error

Error Message

419 Page Expired

Common Causes

1 Missing @csrf directive in form
2 Session expired while form was open
3 CSRF token not included in AJAX request headers
4 Mismatched session domain configuration
5 Cookie/session configuration issues

Solutions

Add @csrf directive to your form

Blade

<form method="POST" action="/submit">
    @csrf
    <!-- form fields -->
</form>

Add CSRF token to AJAX requests

JavaScript

$.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});

Add meta tag for CSRF token

Blade

<meta name="csrf-token" content="{{ csrf_token() }}">

Exclude route from CSRF verification (use cautiously)

PHP

// In VerifyCsrfToken.php
protected $except = [
    '/webhook/*',
];

Need Help With Your Laravel Project?

I specialize in building custom Laravel applications, process automation, and SaaS development. Whether you need to eliminate repetitive tasks or build something from scratch, let's discuss your project.

Schedule Free Consultation View My Work

Currently available for 2-3 new projects

About Hafiz

Senior Full-Stack Developer with 9+ years building web apps and SaaS platforms. I build web applications with Laravel and Vue.js, and automate business processes. Creator of ReplyGenius, StudyLab, and other SaaS products.

View Portfolio

Related Errors

Security

CSRF Token Mismatch Error in Laravel - Complete Fix

CSRF token mismatch