⚠️ Top 10 Laravel security issues I've found during audits ⚠️

#9 → Missing Subresource Integrity (SRI)

SRI prevents compromised 3rd-party scripts from affecting your app, blocking attacks like Magecart, keyloggers, cryptominers, and malicious redirectors.

SRI works best on versioned scripts & styles from CDNs, such as packages like Alpine, Bootstrap, etc., and prevents the browser from loading scripts/styles that have been modified unexpectedly.

You can find more details over here:

Security Tip: Use Subresource Integrity on Your Resources!
Apr 13, 2023 at 7:36 AM
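
To make the SRI check described above concrete, here is an added example (not from the original post or the linked article): Node.js code that generates an integrity value for a pinned asset and mirrors the browser's decision, including the rule that only the strongest hash algorithm listed is checked. The CDN URL and the script contents are constructed placeholders.

```javascript
// Added example: generate SRI metadata and mirror the browser's check (Node.js).
const { createHash } = require('node:crypto');

// Hash algorithms SRI accepts, ranked so the strongest one present wins.
const STRENGTH = new Map([['sha256', 1], ['sha384', 2], ['sha512', 3]]);

// Value for integrity="..." computed over the exact bytes the CDN serves.
function sriHash(content, algo = 'sha384') {
  return `${algo}-${createHash(algo).update(content).digest('base64')}`;
}

// Tag for a pinned, versioned asset. crossorigin is needed for cross-origin
// files, otherwise the browser cannot verify the response and blocks it.
function scriptTag(url, content) {
  return `<script src="${url}" integrity="${sriHash(content)}" crossorigin="anonymous"></script>`;
}

// Browser-style decision: true means the resource would be loaded.
function sriAllows(integrity, content) {
  const entries = integrity.trim().split(/\s+/)
    .map((token) => {
      const expr = token.split('?')[0]; // ignore any ?options suffix
      const dash = expr.indexOf('-');
      return { algo: expr.slice(0, dash), digest: expr.slice(dash + 1) };
    })
    .filter((e) => STRENGTH.has(e.algo)); // unsupported algorithms are skipped
  if (entries.length === 0) return true; // nothing usable, so nothing enforced
  const best = Math.max(...entries.map((e) => STRENGTH.get(e.algo)));
  return entries
    .filter((e) => STRENGTH.get(e.algo) === best) // weaker hashes are ignored
    .some((e) => sriHash(content, e.algo) === `${e.algo}-${e.digest}`);
}

// Constructed sample data: a pinned file and a copy changed after release.
const original = 'window.widget = { version: "1.2.3" };\n';
const modified = original + '/* unexpected extra code */\n';
const pinned = sriHash(original);

console.log(scriptTag('https://cdn.example.com/widget@1.2.3/widget.min.js', original));
console.log('original loads:', sriAllows(pinned, original));
console.log('modified loads:', sriAllows(pinned, modified));
```

An integrity attribute that lists only an unsupported algorithm (for example `md5-...`) is treated as having no metadata, so the file loads unchecked; audit for that as well as for a missing attribute.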