In Depth
In Depth #3: Escaping Output Safely
Cross-Site Scripting (XSS) is a major concern - if someone can run their own code in your users browsers, they can do whatever they like...
In Depth
Cross-Site Scripting (XSS) is a major concern - if someone can run their own code in your users browsers, they can do whatever they like...
Security Tips
[Tip#7] Always pass user input through a validator to ensure you only get the data you're expecting.
In Depth
Let's dive into SQL Injection, learn how it works, and what we can do with it.
Security Tips
[Tip#5] Don't forget to configure your cookies for to only work over HTTPS.
Security Tips
[Tip#4] We're following the theme of reminders for simple features that are easy to overlook with a reminder to use Parameterised Queries!
Security Tips
[Tip#3] Laravel's config files are great, but don't forget to put sensitive values (i.e. secrets, passwords, tokens, etc) in your .env file!
In Depth
[InDepth#1] Let's take a look at how Encryption works in Laravel, where it's used, and how you can use it within your applications.
Newsletter
Each month we'll cover an aspect of Laravel security in depth, with weekly tips to fill in the gaps.