419 Page Expired

HTTP response status code 419 Page Expired is an unofficial client error that is Laravel-specific and returned by the server to indicate that the Cross-Site Request Forgery (CSRF) validation has failed.

Table of Contents


The 419 Page Expired error created by the Laravel PHP Framework message is received when the CSRF validation fails. This implies that CSRF protection is turned on; it is enabled by default for all HTTP methods POST, PUT, PATCH, and DELETE requests.


Search engines like Google will not index a URL with 419 Page Expired response status, and consequently, URLs that have been indexed in the past but are now returning this HTTP status code will be removed from the search results.


In the example, the client attempts to send a file and the server responds with the 419 Page Expired error to indicate that the CSRF validation failed.


PUT / HTTP/1.1
Host: www.example.re
Content-Type: applications/pdf
Content-Length: 10000

<PDF file is transferred>


HTTP/1.1 419 Page Expired
Content-Type: text/html
Content-Length: 150

    <title>Page Expired</title>
   <p>Your session has expired. Please refresh and try again.</p>


The 419 Page Expired status code is a Larval-specific client error sent to indicate that the CSRF validation has failed.

Last updated: August 2, 2023