Security Tips
Security Tip: Don't Use nl2br()!
[Tip#67] As useful as it sounds, nl2br() can potentially leave you open to Cross-Site Scripting (XSS) vulnerabilities... you should reach for CSS instead!
Security Tips
[Tip#64] Do you know the difference between `e()`, `htmlspecialchars()`, & `htmlentities()`? Can we just use `e()` for everything?
Security Tips
[Tip#63] PHP includes some really handy security-focused functions, but you need to know how to use them correctly, or you risk leaving a significant vulnerability waiting to be exploited! 😱
Newsletter
[InDepth#19] It's time to finish up the "Th1nk Lik3 a H4cker" walkthrough, looking at the rest of the challenges and the final hack from Laracon US!
Security Tips
[Tip#47] Setting up a CSP doesn't have to be a daunting task! Let's take a look at some tips for getting started with CSPs, without breaking anything!
Security Tips
[Tip#44] Check out that one simple trick... I mean... This is my favourite way to avoid XSS.
Security Tips
[Tip#41] It's quite common to inject JSON into Blade templates - but is it safe?
Security Tips
i.e. Cross-Site Scripting (XSS), SQL injection (SQLi), and Command Injection
Security Tips
[Tip#22] Validating user input is easy to forget without adding HTML or Markdown into the mix!
Newsletter
[InDepth#7] CSPs are an incredibly powerful security feature built into the browser.
Security Tips
[Tip#14] What is Subresource Integrity and why is it so important for securing your site?
In Depth
Placeholders are incredibly useful, but you need to be careful with them.
In Depth
Cross-Site Scripting (XSS) is a major concern - if someone can run their own code in your users' browsers, they can do whatever they like...