Comments:
please make one about file upload exploit
love from Pakistan
S
You are just awesome <3
First of all, big thanks. What about XML attacks? And SQL injections? Are there any vulnerabilities for SQL injections in Laravel? If yes, how can it be safer?
Very informative
👋👋
Great video as always, would love to see more of these!
Why are you so good? 💚💚💚
is Java secured?
I am going to leave a general answer "If the developer is bad at coding and doesn't care about securing their application NO", but then again there is a job market for people that are paid to look at the code and yell at those developers that they should not hardcode security keys inside the client app (for example: 2 years ago I was listening to a podcast of a lady that said she found hardcoded security keys inside Android banking applications, with comments in the code "stop putting security keys in the code").
So to sum it up, most of the time the problem is between the chair and the screen
Hello Povilas,
Great video! Just 1 question regarding the first example. What about the cases where I have a WYSIWYG in my blog post and the user can enter HTML? I am forced to escape it. What's the solution?
gr8 video, which I listen to till date..
Rate limit is a good option to negotiate delayed payments :P
I wonder if you can make the same video for developers who use Laravel just for API as a backend and tell us about security concerns we may face
Thanks bro
I always enjoy your content ♥️.
thank you...
Never played a full tutorial video without x2 speed outside work. Very good video, I subbed.
As someone that’s been using Laravel since v4.2, I love your content, straight to the point, no dithering, no BS - I hope you get your silver platter soon :)
you sexy m.f. Pov. Great job!
How to perform vulnerability assessment?
Thank you sir, I think your videos are very useful. Thanks for your dedication.
I really appreciate your every single video. They are so helpful to me.
Is it a mistake to add data in a migration, or should migrations only change the database structure? For example, we keep our translations in a database table. If we need another word translated, should we add this in a migration? Or should we use a seeder? Or something else?
You will surely go beyond 200K subscribers Sir, you are really doing a great job. Thanks and God bless
Wow this is very insightful sir. Thanks for sharing
Thank you!
What's the best secured way to upload a Laravel project in shared hosting?
thank you
Thank you so much for your video. Please make a video on passing {id} value in route. We are using direct id which is the primary key for the Post, Put method and Laravel also use the same in resource controller. Please make a video with this topic and security issues.
Thanks Sir, you are helping so much .... I really appreciate it <3
7 Mistakes beginner devs make :)
Me who uses REST APIs: 🤷
Great
Pls, I am used to CSRF, but with the invention of Livewire, is it necessary again? Because I didn't even bother to include it, because you can submit a form without even form elements using Livewire.
Thank you!
Another: People using Raw DB queries and not binding parameters subsequently leading to an SQLi.
Last week, analyzing my Apache log, I found some requests to /.env, so make sure that your .env file is not public. You will never be 100% safe, so do your best.
Good stuff. Would you ever consider doing a course on security in Laravel, PHP, and Livewire, or even just more videos on it? It's a huge concern that I feel like doesn't get enough attention, and even as a mid-level developer and working with Laravel over 5 years, I'm not always sure how to be sure my code is 100% secure other than avoiding some of the obvious like you point out in this video. Like a good example of content you could cover is how supposedly we should be using UUIDs for our models, but it's not always clear the best way to do that or when to do that
Nice info sir, thanks!
Respect from Pakistan 🇵🇰
Rate Limiting is left from my side, all other stuff is my daily routine.
But I feel like request except is also a security loophole
I am using JSON in a CRUD app. Still a bit unsure about possible vulnerabilities. Do you have any information?
Hello! Maybe you could record a video on Laravel Policy? How to block any action on another user when the user is not in the same Group. Or how a user can get only our post when he posts another id in the request. I have a problem with this and nowhere is there information on how to do this. I have two models, Clients and Users; a Client is a Group and has more users. Now when I send a GET request with the id of another client, I can get the users of another client.
Hello, Povilas, I have a question. Let's say there is a blog post site and a user can make a post that contains all those HTML tags like link, table and so on, how should the content be displayed if {!! $content !!} is a security issue? Should the developer write some code that checks if there are strings like <script> or <php or are there some other options?
Hi Povilas.... can you make one video about Laravel project hosting on a shared server, it's very helpful to all
Thanks in advance.