Greetings everyone! In this week’s security tip, I wanted to share a simple tip based on a common weakness I often see in Laravel apps. It’s common to see apps have most of their access control inside controllers, but I see it all the time where a specific action is missing an authorisation check because the developer forgot when writing that specific controller action. Hence why I recommend using a different approach…
I hope you all have a great week! 🙂
Use Route Groups
Keep reading with a 7-day free trial
Subscribe to Laravel Security In Depth to keep reading this post and get 7 days of free access to the full post archives.