 

Why does Laravel, by default, logout via POST (As opposed to GET)? [duplicate]

Within the context of a Laravel application, what is the significance of POSTing to perform a logout? Is there some security and/or session particularity to POSTing over just GETting?

The relevant portion from the generated make::auth:

<ul class="dropdown-menu" role="menu">
  <li>
    <a
      href="{{ url('/logout') }}"
      onclick="event.preventDefault();document.getElementById('logout-form').submit();">
      Logout
    </a>

    <form id="logout-form" action="{{ url('/logout') }}" method="POST" style="display: none;">
      {{ csrf_field() }}
    </form>
  </li>
</ul>

Chris asked Aug 05 '16 13:08


1 Answer

GET requests are supposed to be "safe" and shouldn't have any significant side effects. It shouldn't matter, for example, if a precaching feature of a browser followed the link. That should just get some data.

Logging the user out would be a significant side effect, so GET would be inappropriate.

Quentin answered Nov 16 '22 15:11
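
As an added example (not part of the original answer, and not Laravel's own code), the model below runs the same three clients against a GET logout route and a POST logout route, and goes slightly beyond the answer by also showing what the `csrf_field()` token in the question's form contributes. The names `makeApp`, `prefetch`, `crossSitePost`, `ownForm` and `scenario`, the in-memory session and the status codes returned by the model are constructed for illustration.

```javascript
// Constructed model, not Laravel code: one in-memory session, two logout designs.
const { randomBytes } = require('crypto');

function makeApp(logoutMethod) {
  const session = { user: 'chris', csrfToken: randomBytes(16).toString('hex') };
  function handle(req) {
    if (req.path !== '/logout') return { status: 200 };       // read-only page
    if (req.method !== logoutMethod) return { status: 405 };  // verb not routed
    if (logoutMethod === 'POST' && req.body?._token !== session.csrfToken) {
      return { status: 419 };  // status current Laravel uses for a CSRF token mismatch
    }
    session.user = null;       // the side effect: the session is ended
    return { status: 302 };
  }
  return { session, handle };
}

// Prefetcher or link checker: GETs every href it sees, never submits a form.
function prefetch(app, hrefs) {
  return hrefs.map((path) => app.handle({ method: 'GET', path }).status);
}

// Form auto-submitted from another origin: can POST, but cannot read the token.
function crossSitePost(app) {
  return app.handle({ method: 'POST', path: '/logout', body: {} }).status;
}

// The hidden form from the question: POST carrying the csrf_field() token.
function ownForm(app) {
  const body = { _token: app.session.csrfToken };
  return app.handle({ method: 'POST', path: '/logout', body }).status;
}

// Run the same three clients against one design and record who is logged in.
function scenario(logoutMethod) {
  const app = makeApp(logoutMethod);
  const seen = {};
  seen.prefetchStatuses = prefetch(app, ['/home', '/logout']);
  seen.afterPrefetch = app.session.user;
  seen.crossSiteStatus = crossSitePost(app);
  seen.afterCrossSite = app.session.user;
  seen.ownFormStatus = ownForm(app);
  seen.afterOwnForm = app.session.user;
  return seen;
}

console.log('GET  /logout:', scenario('GET'));
console.log('POST /logout:', scenario('POST'));
```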