Allow the `XSRF-TOKEN` cookie to be renamed

### Laravel Version

12

### PHP Version

8.3

### Database Driver & Version

_No response_

### Description

Hello 👋,

I have a static website on soubiran.dev that communicates with an API built with Laravel at api.soubiran.dev. Everything is working fine.

I recently deployed a new website named live.soubiran.dev, and I now have an issue with the XSRF-TOKEN cookie because requests from live.soubiran.dev send both the cookie from api.soubiran.dev and from live.soubiran.dev. Currently, the one from api.soubiran.dev has its domain set to .soubiran.dev to ensure it can be shared with soubiran.dev and the domain for the one on live.soubiran.dev is live.soubiran.dev.

I would love to change the name of this XSRF-TOKEN, but unfortunately, it’s hardcoded and cannot be changed.

### Steps To Reproduce

https://github.com/laravel/framework/blob/12.x/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php#L204

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Allow the `XSRF-TOKEN` cookie to be renamed #56238

Laravel Version

PHP Version

Database Driver & Version

Description

Steps To Reproduce

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Allow the XSRF-TOKEN cookie to be renamed #56238

Description

Laravel Version

PHP Version

Database Driver & Version

Description

Steps To Reproduce

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Allow the `XSRF-TOKEN` cookie to be renamed #56238