Laravel Security: Top 7 Mistakes Developers Make
I often see the question: “Is Laravel secure?“, and in this video, let’s take a look at what the framework offers, and how developers use or misuse the security features.
00:00 Intro
00:37 Blade XSS Attack
02:34 Protect Your .env File
04:34 Don’t Use $request-all()
05:53 File Upload: Client Data
06:38 APP_DEBUG=true in Production
08:17 CSRF and Route::get()
09:54 Rate Limiting
Links mentioned in the video:
- Blade: Displaying Unescaped Data #displaying-unescaped-data
- How to use Laravel .env and . files?
- Danger of Using $request-all(), and How to Protect
- Uploaded File Information: #other-uploaded-file-information
- Configuration: Debug Mode #debug-mode
- Laravel .: APP_XXX Values Explained
- CSRF Protection: htt
4 months ago 00:07:53 4
5 months ago 01:14:37 2
5 months ago 00:08:19 4
6 months ago 00:20:27 1
6 months ago 00:10:28 2
6 months ago 00:10:32 7
7 months ago 00:07:13 1
9 months ago 00:09:43 1
12 months ago 01:07:35 1
1 year ago 00:16:11 4
2 years ago 01:32:02 10
2 years ago 00:18:04 7
3 years ago 00:09:33 2
3 years ago 00:11:16 10
3 years ago 00:06:54 6
3 years ago 00:11:06 1
3 years ago 00:05:33 10
3 years ago 06:29:44 1
3 years ago 00:12:18 4
3 years ago 01:24:10 5
3 years ago 00:43:08 6
4 years ago 00:35:02 8
4 years ago 00:04:57 1
4 years ago 00:17:29 17
