CSRF token mismatch after a 3DS redirect from a checkout form

I am processing a transaction using a normal HTML form in Laravel. Everything works fine until the transaction has to pass 3ds verification. When I post the transaction information I provide a redirect link to where the customer needs to be redirected to after they finish the 3ds verification.The problem is that I am getting the following on error on the page it redirected to. If I refresh the page, then it loads fine.

" throw new TokenMismatchException('CSRF token mismatch.');"



I am not sure why it is looking for the token on the page its landing on as its a blank page, as I have not written anything yet on it.

I have found a working solution, but it involves disabling CSRF for that specific url/page. Not sure however if that is safe.

$middleware->validateCsrfTokens(except: [
'mypagename/',
]);

Continue reading...