Unexpected behavior with Laravel applications when getting redirected from YouTube

Troubleshooting technical issues is much easier when both the user and support agent practice clear communication. For this reason, we have provided the template below for you to fill out with information about your issue. Please provide as much detail as possible so we can most efficiently resolve your problem.

Delete the any text above the line separator below before posting

Description of the issue:

When submitting a form (HTML POST) to a Laravel application (or probably any application) when coming from YouTube, the CSRF token validation from Laravel fails (Please take the steps below to understand better what I am talking about)

How can this issue be reproduced?

  1. Make sure the Brave Shield is activated on YouTube
  2. Go to this link https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbEdJM0ZDTjc4VjdWaHNyaXlfZWpzZmNEcmU3Z3xBQ3Jtc0trX2tPOWJWc2lkZ09rTGlTTS1yWmtyVlNZV044cHRkR0pESXNXZkg5cUdBcG9fanZjMFU0ZHNLSGNNUlA5US04dW9FQjdRdktoVDNhUnJhd0VDOE5ZcTZ2WHQ3SHFuaUdlUVlvYVh3ejZ0OTJRYnRLQQ&q=http://vapor.laravel.com/password/reset
  3. Enter any email and submit the form. You will get a 419 error, which indicates error with CSRF token validation

Expected result:
The form should be submitted successfully, you can try on any other browser, or simply, deactivate Brave shield from https://youtube.com

Brave Version( check About Brave):

Version 1.37.116

Additional Information:

It looks it has something to do with the way cookies are handled when getting redirected from YouTube when the shield is enabled

I get forwarded to https://vapor.laravel.com/password/reset with shields up @ismail3 Does visiting http://vapor.laravel.com/password/reset directly help?

Could be possibility the site is checking for a youtube cookie?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.