⚠️ Top 10 Laravel security issues I've found during audits ⚠️

#9 → Missing Subresource Integrity (SRI)

SRI prevents compromised 3rd-party scripts from affecting your app, blocking attacks like Magecart, keyloggers, cryptominers, and malicious redirectors.

SRI works best on versioned scripts & styles from CDNs, such as Alpine, Bootstrap, etc., and prevents the browser from loading scripts/styles that have been modified unexpectedly.

You can find more details over here: larasec.substack.com/p/security-tip-sub…

Security Tip: Subresource Integrity
[Tip#14] What is Subresource Integrity and why is it so important for securing your site?
7:36 AM
Apr 13, 2023