From fc7ca1448c60c91b32a65e3a3118607b1c84e3ea Mon Sep 17 00:00:00 2001
From: Bubka <858858+Bubka@users.noreply.github.com>
Date: Mon, 10 Mar 2025 18:24:50 +0100
Subject: [PATCH] Disable sessions & CSRF verification for the /up route -
 Fixes #458

---
 routes/web.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/routes/web.php b/routes/web.php
index 5469a3d0..44878b49 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -17,7 +17,9 @@
 use App\Http\Middleware\AddContentSecurityPolicyHeaders;
 use App\Http\Middleware\CustomCreateFreshApiToken;
 use App\Http\Middleware\SetLanguage;
+use App\Http\Middleware\VerifyCsrfToken;
 use Illuminate\Routing\Middleware\SubstituteBindings;
+use Illuminate\Session\Middleware\StartSession;
 // use Illuminate\Foundation\Events\DiagnosingHealth;
 // use Illuminate\Support\Facades\Event;
 use Illuminate\Support\Facades\Route;
@@ -100,6 +102,8 @@
 });
 
 Route::withoutMiddleware([
+    StartSession::class,
+    VerifyCsrfToken::class,
     SubstituteBindings::class,
     SetLanguage::class,
     CustomCreateFreshApiToken::class,