RouteProcessorCsrf::processOutbound() does not take into account optional parameters when calculating a CSRF token, leading on-request validation to fail on a generated route in which one or more parameters were not provided at the time of generation.
↧
CSRF token generation incompatible with optional route parameters
↧