We can do that something like this
Add html meta tag in head
<meta name="csrf-token" content="{ csrf_token() }">
Then use header in ajax something like this
$.ajax({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
},
url: 'upload.php',
data: form_data,
type: 'post',
success: function(response){
alert(response);
}
});