Security Is A Port Of The Security Class From Codeigniter 3 For Laravel 5
Laravel Security was created by, and is maintained by Graham Campbell, and is a port of the security class from CodeIgniter 3 for Laravel 5. This package is best used wrapped in my Laravel Binput package. Feel free to check out the change log, releases, license, and contribution guidelines.
To get the latest version of Laravel Security, simply add the following line to the require block of your
You'll then need to run
composer install or
composer update to download it and have the autoloader updated.
Once Laravel Security is installed, you need to register the service provider. Open up
config/app.php and add the following to the
You can register the Security facade in the
aliases key of your
config/app.php file if you like.
'Security' => 'GrahamCampbell\Security\Facades\Security'
Laravel Security supports optional configuration.
To get started, you'll need to publish all vendor assets:
$ php artisan vendor:publish
This will create a
config/security.php file in your app that you can modify to set your configuration. Also, make sure you check for changes to the original config file in this package between releases.
There is one config option:Evil attributes
This option (
'evil') defines the evil attributes and they will be always be removed from the input.
This is the class of most interest. It is bound to the ioc container as
'security' and can be accessed using the
Facades\Security facade. There is one public method of interest.
'clean' method will parse a string removing xss vulnerabilities. This parsing is strongly based on the security class from CodeIgniter 3.
This facade will dynamically pass static method calls to the
'security' object in the ioc container which by default is the
This class contains no public methods of interest. This class should be added to the providers array in
config/app.php. This class will setup ioc bindings.
You may see an example of implementation in Laravel Binput.
If you discover a security vulnerability within this package, please send an e-mail to Graham Campbell at email@example.com. All security vulnerabilities will be promptly addressed.
Laravel Security is licensed under The MIT License (MIT).
Laravel Security contains code taken from CodeIgniter, also licensed under The MIT License (MIT).