In Depth
In Depth: Mass-Assignment Vulnerabilities
[InDepth#15] There is a false confidence about mass-assignment vulnerabilities that hides how easy it is for them to occur and be exploited...
Security Tips
Security Tip: Validating Array Inputs
[Tip#42] Validating single values is easy, but what about arrays?
Security Tips
Security Tip: Retrieving Request Values
[Tip#40] Let's complete the set of request input helpers and their security implications
Security Tips
Security Tip: Casting Request Values
[Tip #39] Why treat all user input as strings when you can pull out specific values and automatically cast them as the types you're expecting?