CSRF (cross-site request forgery) is a type of attack in which unauthorized commands are performed on behalf of an authenticated user. Laravel makes it easy to protect our web forms against CSRF attacks.

Laravel automatically generates a CSRF token for each active user session.

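When we use a <form> tag, we can place {{ csrf_field() }} (or the @csrf Blade directive) inside the form to protect our application. It renders a hidden input that carries the value of csrf_token(), like this: <input type="hidden" name="_token" value="7YC0Sxth7AYe4RFSjzaPf2ygLCecJhblahblah">. Note that {{ csrf_token() }} on its own prints only the token string, not the input element.

For Ajax requests, we can send the token in a request header, read from the page's csrf-token meta tag, like this: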

// Send the token from the csrf-token meta tag with every jQuery Ajax request
$.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});

BY Best Interview Question ON 07 Apr 2019
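
An added example, not from the original page: a fetch-based counterpart to the jQuery setup above that attaches X-CSRF-TOKEN only to same-origin, state-changing requests, so the session's token is never sent to another host. The function names (csrfHeadersFor, csrfFetch) and the sample origins used with them are assumptions for illustration.

```javascript
// Added example; csrfHeadersFor and csrfFetch are hypothetical helper names.

// Methods that only read data and do not need a CSRF token.
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// Decide which CSRF header (if any) a request should carry.
//   pageOrigin: the page's own origin, e.g. window.location.origin
//   token:      content of <meta name="csrf-token">
function csrfHeadersFor(method, url, pageOrigin, token) {
  const verb = String(method || 'GET').toUpperCase();
  if (SAFE_METHODS.has(verb)) return {};

  let target;
  try {
    // Relative and protocol-relative URLs resolve the way the browser would.
    target = new URL(url, pageOrigin);
  } catch (e) {
    return {}; // unparsable URL: attach nothing
  }

  // Scheme, host and port must all match the page's origin.
  if (target.origin !== new URL(pageOrigin).origin) return {};

  // Fail loudly on the client instead of sending a request without a token.
  if (!token) throw new Error('csrf-token meta tag is missing or empty');
  return { 'X-CSRF-TOKEN': token };
}

// Browser wiring: a fetch wrapper so callers never handle the token themselves.
// Assumes options.headers, when given, is a plain object.
function csrfFetch(url, options = {}) {
  const meta = document.querySelector('meta[name="csrf-token"]');
  const token = meta ? meta.getAttribute('content') : '';
  const extra = csrfHeadersFor(options.method, url, window.location.origin, token);
  return fetch(url, {
    ...options,
    credentials: 'same-origin', // session cookie goes to our own origin only
    headers: { ...(options.headers || {}), ...extra },
  });
}
```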