Enhance TestEmailController and view to include CSRF token and improve form security

2026-02-26 23:12:00 +08:00
parent 701a433174
commit 60fcf08cbc
2 changed files with 3 additions and 2 deletions
--- a/app/Http/Controllers/TestEmailController.php
+++ b/app/Http/Controllers/TestEmailController.php
@@ -10,7 +10,7 @@ class TestEmailController extends Controller

    public function show()
    {
-        return view('test-email');
+        return view('test-email', ['token' => csrf_token()]);
    }

    public function send(Request $request)
--- a/resources/views/test-email.blade.php
+++ b/resources/views/test-email.blade.php
@@ -29,7 +29,8 @@
                </div>

                <form method="POST" action="{{ url('test-email/send') }}">
-                    {!! csrf_field() !!}
+                    <input type="hidden" name="_token" value="{{ csrf_token() }}">
+                    <input type="hidden" name="token" value="{{ $token }}">
                    <div class="form-group{{ $errors->has('recipient') ? ' has-error' : '' }}">
                        <label for="recipient">Recipient Email</label>
                        <input type="email"