79554971

Date: 2025-04-04 09:47:06
Score: 1
Natty:
Report link

You may be missing some of the key headers required for Laravel Sanctum to work in SPA mode. You should set at least one of these two headers: Referer or Origin. Additionally, you must set Accept: application/json.

These headers are referenced in the newer versions of the Laravel documentation: https://laravel.com/docs/12.x/sanctum#spa-authentication

If you are using axios, use should add these lines of code as well:

axios.defaults.withCredentials = true;
axios.defaults.withXSRFToken = true;
axios.defaults.headers.common["X-Requested-With"] = "XMLHttpRequest";
Reasons:
  • Blacklisted phrase (1): thX
  • Long answer (-0.5):
  • Has code block (-0.5):
  • Low reputation (1):
Posted by: Mr_Offline