When you're validating your user input, don't forget about the HTML from WYSIWIG and markup editors, and good old Markdown... It's easy to sneak XSS into those if you're not validating or filtering it!
https://securinglaravel.com/p/security-tip-validating-html-and#Laravel#PHP
↧
Article 1
↧