csrf javascript
var request = new XMLHttpRequest(),
token = document.querySelector('meta[name="csrf-token"]').content;
request.open('POST', url, true);
request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
request.setRequestHeader('X-CSRF-TOKEN', token);
request.send(data);
Cruel Cheetah