Can we have access to that command line tool?
that was great! learned a lot of new things
Could you please tell me how to use dropbear laravel?
Great talk
hahaha this guy got the whole room quiet, lol awesome though he is really really good
I see the correct password has been edited 😂
How can you tell? lol
@alexhackney4045 I was there, and that’s _not_ the “correct” password that was chosen at the time.
Laravel needs to have some tests that you can call which check for these security things, and improved middleware to stop these things from working!!
Laravel doesn't do these things by default, the vulnerabilities displayed were intentionally coded to demonstrate mistakes developers make without noticing. If you take away anything from this talk, it should be: 1. Always use policies (these are testable) 2. Sanitize user input, even from the route URL (maybe also 3. Don't load files based on strings provided by a user)
@Ruggie1of1 Yes, but these things are also testable and standard tests would ensure that the user hasn't made these mistakes.
I think the speaker should train his breathing and take it slow. This seems like an "end of the game" interview with so much panting.
LOL I can hack the Laravel sites now
🥴🥴🥴