Welcome to the Secure Coding Handbook! Here, you will find everything that I have found on secure coding: best practices, analysis, and, of course, patching code-related vulnerabilities. All of the enumerated attacks and defensive techniques are strictly related to web applications, for now :)
Table of Contents:
- SQL Injections (SQLi)
- XML External Entity Injections (XXE)
- Clickjacking
- Vulnerable Dependency Management
SQL Injections (SQLi)
Follow the steps carefully to install the Laravel application using Composer.
composer create-project --prefer-dist laravel/laravel rest-api-crud
XML External Entity Injections (XXE)
Laravel 11 defaults to DB_CONNECTION=sqlite. You have to change this to DB_CONNECTION=mysql in the .env file.
LOG_CHANNEL=stack
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=your_database
DB_USERNAME=root
DB_PASSWORD=
That’s probably the main message you should take home from this article. I will emphasize it for you, in bold and caps.
YOU ARE FREE TO STRUCTURE YOUR PROJECT HOWEVER YOU WANT.
Clickjacking
Follow the steps carefully to install the Laravel application using Composer.
php artisan make:model Product -a
Vulnerable Dependency Management
Install the Laravel application using Composer.
php artisan make:controller Product -r