From f15301d18db084e131a0ce8d3e434ae521f00ee3 Mon Sep 17 00:00:00 2001
From: TheCodeholic <zurasekhniashvili@gmail.com>
Date: Wed, 15 Jan 2025 00:03:16 +0400
Subject: [PATCH] Preserve X-Xsrf-Token header from .htaccess (#6520)

* Preserve X-Xsrf-Token header from .htaccess

Preserve X-Xsrf-Token header for session based authentication when building API in Laravel

* Update .htaccess

* Update .htaccess

---------

Co-authored-by: Taylor Otwell <taylor@laravel.com>
---
 public/.htaccess | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/public/.htaccess b/public/.htaccess
index 3aec5e27e..b574a597d 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -9,6 +9,10 @@
     RewriteCond %{HTTP:Authorization} .
     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
 
+    # Handle X-XSRF-Token Header
+    RewriteCond %{HTTP:x-xsrf-token} .
+    RewriteRule .* - [E=HTTP_X_XSRF_TOKEN:%{HTTP:X-XSRF-Token}]
+
     # Redirect Trailing Slashes If Not A Folder...
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteCond %{REQUEST_URI} (.+)/$