Security Tips
Security Tip: Safely Rendering JSON in Blade
[Tip#41] It's quite common to inject JSON into Blade templates for various use cases, but is it actually safe to do so? Not really...
Security Tips
OWASP Tip: A03:2021 – Injection
i.e. Cross-Site Scripting (XSS), SQL injection (SQLi), and Command Injection
Security Tips
Security Tip: Validating HTML & Markdown Input!
[Tip#22] Validating user input is easy to forget without adding HTML or Markdown into the mix!
Newsletter
In Depth: Content Security Policy
[InDepth#7] CSPs are an incredibly powerful security feature built into the browser.
Security Tips
Security Tip: Use Subresource Integrity on Your Resources!
[Tip#14] What is Subresource Integrity and why is it so important for securing your site?
In Depth
In Depth #4: Guessing Placeholders For Malicious Purposes
Placeholders are incredibly useful, but you need to be careful with them.
In Depth
In Depth #3: Escaping Output Safely
Cross-Site Scripting (XSS) is a major concern - if someone can run their own code in your users browsers, they can do whatever they like...