Delete window.Laravel.csrfToken for Laravel#4260

[DrowningElysium]

If PR laravel/laravel#4260 is accepted we will no longer need window.Laravel

[arcanedev-maroc]

You need to replace it with:

<meta name="csrf-token" content="{{ csrf_token() }}">

UPDATE: See the comment below

[fernandobandeira]

@arcanedev-maroc Actually the meta is already there so he only need to remove it.

[arcanedev-maroc]

You're right @fernandobandeira, i didn't view the whole file 😄

[devcircus]

The entire layout file is just boilerplate to help you get started. This snippet was very useful as I use it in practically every app I work on. I always need to add a few more items.

Seems much easier to delete it if you don't want it than to add it...

[DrowningElysium]

@devcircus It seemed to me like it was added with not really a good reason behind it, also the docs are telling us to add it as meta but doesn't tell us to add that script part, so why not just make the script take it from the meta tag directly instead?

[devcircus]

It makes sense, and I've wondered why it was added as well.

Laravel Spark actually uses window.Spark for the csrf token instead of the meta tag:

// from spark-bootstrap.js

window.axios.defaults.headers.common = {
    'X-Requested-With': 'XMLHttpRequest',
    'X-CSRF-TOKEN': Spark.csrfToken
};

And ever since I started using Spark, I find myself using a window.MyProject in everything I build and so the snippet came in very handy.

It's nothing a sublime snippet can't handle though. :)

[OwenMelbz]

I also see this being a pain, lots of javascript libraries pull from this namespace, and it provides a convenient place to tack on other data which can be used by JS.

Personally 🔥 this PR :D