Subscribe
Sign in
Home
Practical Laravel Security
Laravel Security Audits
In Depths
Tips
Audits Top 10
OWASP Top 10
Archive
About
Tip
New
Top
Community
Security Tip: Security Headers are Layers of Defence
[Tip#46] Security headers add important layers of defence to your apps, preventing data leaks, XSS and CSRF attacks, clickjacking, and more... Why are…
Stephen Rees-Carter
May 25
2
Share this post
Security Tip: Security Headers are Layers of Defence
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Replace Simple Dependencies
[Tip#45] The more dependencies your project has, the higher your risk of supply-chain attack is, and the less you're aware of what code is actually…
May 9
4
1
Share this post
Security Tip: Replace Simple Dependencies
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Avoiding XSS with HtmlString
[Tip#44] Checkout that one simple trick... I mean... This is my favourite way to avoid XSS.
Stephen Rees-Carter
May 1
1
Share this post
Security Tip: Avoiding XSS with HtmlString
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Don't Forget Rate Limiting
[Tip#43] It's essential for limiting bot attacks, and don't forget it on other sensitive routes like authentication...
Stephen Rees-Carter
Apr 23
3
Share this post
Security Tip: Don't Forget Rate Limiting
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Validating Array Inputs
[Tip#42] Validating single values is easy, but what about arrays?
Apr 7
5
Share this post
Security Tip: Validating Array Inputs
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Safely Rendering JSON in Blade
[Tip#41] It's quite common to inject JSON into Blade templates - but is it safe?
Stephen Rees-Carter
Mar 30
3
6
Share this post
Security Tip: Safely Rendering JSON in Blade
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Retrieving Request Values
[Tip#40] Let's complete the set of request input helpers and their security implications
Mar 16
3
Share this post
Security Tip: Retrieving Request Values
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Casing Request Values
[Tip#39] Not a new feature, but definitely worth knowing about.
Stephen Rees-Carter
Mar 6
2
Share this post
Security Tip: Casing Request Values
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Timebox for Timing Attacks
[Tip#38] Let's take a look at another recent addition to Laravel's security features
Stephen Rees-Carter
Feb 26
6
Share this post
Security Tip: Timebox for Timing Attacks
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: New Password Generator
[Tip#37] To celebrate the release of Laravel 10 this week, let's take a look at one of the new (security) features!
Stephen Rees-Carter
Feb 18
2
7
Share this post
Security Tip: New Password Generator
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Encoding/Serialising Data
[Tip#36] Encoding/serialising data can be risky if you're not using the correct functions.
Stephen Rees-Carter
Feb 2
3
Share this post
Security Tip: Encoding/Serialising Data
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
Security Tip: Leaking Data After Changes
[Tip#35] It's easy to make innocent changes to one part of your app and forget to check how that flows into other parts of your app
Stephen Rees-Carter
Jan 26
4
Share this post
Security Tip: Leaking Data After Changes
securinglaravel.com
Copy link
Twitter
Facebook
Email
Notes
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts
