A while back I wrote about handling CSRF tokens with ajax calls to Laravel. I have re-vamped my philosophy since then. All routes should have protection, not just a few. This ensures that I
- Never accidentally leave a route unprotected
- Reduce complexity in my routes. Don’t worry about which routes are protected or unprotected.