Bypassing Laravel’s CSRF Middleware on selected routes (from 5.1)

Laravel does a great job at protecting us from cross-site request forgeries – or C.S.R.F. for short.But sometimes you may not wish to have that layer present. Well with Laravel 5.1 you can very easily bypass this middleware, simply by populating an array in the following file:

app/Http/Middleware/VerifyCsrfToken.php

Within this class you can add a protected property — an array — called $except, which will tell Laravel to use this middleware except for the ones you specify here.

A complete example could be:

protected $except = [
    'ignore/this/url',
    'this/one/too',
    'and/this',
];

So for those three URLs, the CSRF middleware would be skipped.