ans-4175/csrf-in-laravel.php

## csrf-in-laravel.php
/**
     * Determine if the session and input CSRF tokens match.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return bool
     */
    protected function tokensMatch($request)
    {
        $sessionToken = $request->session()->token();

        $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');

        if (! $token && $header = $request->header('X-XSRF-TOKEN')) {
            $token = $this->encrypter->decrypt($header);
        }

        if (! is_string($sessionToken) || ! is_string($token)) {
            return false;
        }

        return hash_equals($sessionToken, $token);
    }
	/**
	* Determine if the session and input CSRF tokens match.
	*
	* @param \Illuminate\Http\Request $request
	* @return bool
	*/
	protected function tokensMatch($request)
	{
	$sessionToken = $request->session()->token();

	$token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');

	if (! $token && $header = $request->header('X-XSRF-TOKEN')) {
	$token = $this->encrypter->decrypt($header);
	}

	if (! is_string($sessionToken) \|\| ! is_string($token)) {
	return false;
	}

	return hash_equals($sessionToken, $token);
	}