Laravel Security: Top 7 Mistakes Developers Make
I often see the question: “Is Laravel secure?“, and in this video, let’s take a look at what the framework offers, and how developers use or misuse the security features.
00:00 Intro
00:37 Blade XSS Attack
02:34 Protect Your .env File
04:34 Don’t Use $request-all()
05:53 File Upload: Client Data
06:38 APP_DEBUG=true in Production
08:17 CSRF and Route::get()
09:54 Rate Limiting
Links mentioned in the video:
- Blade: Displaying Unescaped Data #displaying-unescaped-data
- How to use Laravel .env and . files?
- Danger of Using $request-all(), and How to Protect
- Uploaded File Information: #other-uploaded-file-information
- Configuration: Debug Mode #debug-mode
- Laravel .: APP_XXX Values Explained
- CSRF Protection: htt
1 month ago 01:29:31 2
1 month ago 10:55:27 8
3 months ago 00:47:42 1
3 months ago 00:26:17 1
3 months ago 00:04:50 1
4 months ago 00:40:15 1
4 months ago 00:03:29 3
4 months ago 00:11:33 1
4 months ago 00:06:53 2
4 months ago 01:52:30 1
4 months ago 00:17:08 3
5 months ago 00:06:42 1
5 months ago 00:49:57 1
5 months ago 00:09:49 1
5 months ago 00:03:25 1
5 months ago 01:51:11 5
5 months ago 00:07:53 5
6 months ago 01:14:37 2
6 months ago 00:08:19 4
7 months ago 00:20:27 1
7 months ago 00:10:28 2
7 months ago 00:10:32 7
8 months ago 00:07:13 1
10 months ago 00:09:43 1
