In this blog we take a closer look into CSRF protection in Laravel. We compare the difference between the CSRF filter in Laravel 4 and the current VerifyCsrfToken middleware in Laravel 5. Why do we need CSRF protection? Laravel has CSRF-protection enabled by default. So even if you don’t know what CSRF is, or why you need to protect your apps from it, you’ll probably run in to an Illuminate\Sessio