Laravel From Scratch: CSRF Attacks, With Examples

Your Teacher | Jeffrey Way

Hi, I'm Jeffrey. I'm the creator of Laracasts and spend most of my days building the site and thinking of new ways to teach confusing concepts. I live in Orlando, Florida with my wife and two kids.

About This Episode

Laravel provides Cross-Site Request Forgery (CSRF) protection out of the box, but you still may not know exactly what that means. In this lesson, I'll show you a few examples of how a CSRF attack is executed, as well as how Laravel protects your application against them.

Published on Nov 26th, 2019.

Laracon Online - August 26th 2020

Discuss It

Episodes

Section 1 Prerequisites

At a Glance

EPISODE 1 2:40 Free
Install PHP, MySQL and Composer

EPISODE 2 3:33 Free
The Laravel Installer

EPISODE 3 3:02 Free
Laravel Valet Setup

EPISODE 4 3:18 Free

Section 2 Routing

Basic Routing and Views

EPISODE 5 3:41 Free
Pass Request Data to Views

EPISODE 6 4:11 Free
Route Wildcards

EPISODE 7 3:42 Free
Routing to Controllers

EPISODE 8 3:01 Free

Section 3 Database Access

Setup a Database Connection

EPISODE 9 6:13 Free
Hello Eloquent

EPISODE 10 3:45 Free
Migrations 101

EPISODE 11 5:23 Free
Generate Multiple Files in a Single Command

EPISODE 12 1:26 Free
Business Logic

EPISODE 13 7:36 Free

Section 4 Views

Layout Pages

EPISODE 14 4:11 Free
Integrate a Site Template

EPISODE 15 4:27 Free
Set an Active Menu Link

EPISODE 16 2:15 Free
Asset Compilation with Laravel Mix and webpack

EPISODE 17 7:39 Free
Render Dynamic Data

EPISODE 18 6:19 Free
Render Dynamic Data: Part 2

EPISODE 19 5:05 Free
Homework Solutions

EPISODE 20 2:45 Free

Section 5 Forms

The Seven Restful Controller Actions

EPISODE 21 5:03 Free
Restful Routing

EPISODE 22 7:37 Free
Form Handling

EPISODE 23 7:55 Free
Forms That Submit PUT Requests

EPISODE 24 6:35 Free
Form Validation Essentials

EPISODE 25 8:53 Free

Section 6 Controller Techniques

Leverage Route Model Binding

EPISODE 26 4:56 Free
Reduce Duplication

EPISODE 27 5:40 Free
Consider Named Routes

EPISODE 28 3:58 Free

Section 7 Eloquent

Basic Eloquent Relationships

EPISODE 29 6:07 Free
Understanding Foreign Keys and Database Factories

EPISODE 30 13:31 Free
Many to Many Relationships With Linking Tables

EPISODE 31 6:16 Free
Display All Tags Under Each Article

EPISODE 32 5:04 Free
Attach and Validate Many-to-Many Inserts

EPISODE 33 12:17 Free

Section 8 Authentication

Build a Registration System in Mere Minutes

EPISODE 34 9:26 Free
The Password Reset Flow

EPISODE 35 8:40 Free

Section 9 Core Concepts

Collections

EPISODE 36 11:21 Free
CSRF Attacks, With Examples

EPISODE 37 9:13 Free
Service Container Fundamentals

EPISODE 38 5:15 Free
Automatically Resolve Dependencies

EPISODE 39 11:04 Free
Laravel Facades Demystified

EPISODE 40 13:55 Free
Service Providers are the Missing Piece

EPISODE 41 11:18 Free

Section 10 Mail

Send Raw Mail

EPISODE 42 6:50 Free
Simulate an Inbox using Mailtrap

EPISODE 43 1:07 Free
Send HTML Emails Using Mailable Classes

EPISODE 44 4:40 Free
Send Email Using Markdown Templates

EPISODE 45 8:52 Free
Notifications Versus Mailables

EPISODE 46 8:02 Free

Section 11 Notifications

Database Notifications

EPISODE 47 13:21 Free
Send SMS Notifications in 5 Minutes

EPISODE 48 5:40 Free

Section 12 Events

Eventing Pros and Cons

EPISODE 49 14:35 Free

Section 13 Authorization

Limit Access to Authorized Users

EPISODE 50 19:51 Free
Authorization Filters

EPISODE 51 3:55 Free
Guessing the Ability Name

EPISODE 52 2:22 Free
Middleware-Based Authorization

EPISODE 53 2:22 Free
Roles and Abilities

EPISODE 54 21:32 Free

Section 14 Final Project

Twitter Clone Setup

EPISODE 55 4:01 Free
Design the Timeline

EPISODE 56 16:41 Free
Make the Timeline Dynamic

EPISODE 57 12:21 Free
Build a Following

EPISODE 58 5:29 Free
Expanding the Timeline

EPISODE 59 6:10 Free
Construct the Profile Page

EPISODE 60 20:24 Free
Nested Layout Files with Components

EPISODE 61 5:59 Free
Build the Follow Form

EPISODE 62 19:10 Free
Profile Authorization Logic

EPISODE 63 7:30 Free
File Storage and Custom Avatars

EPISODE 64 16:10 Free
Build the Explore Users Page

EPISODE 65 10:14 Free
Clean Up

EPISODE 66 12:55 Free
Build a Like/Dislike System

EPISODE 67 28:31 Free
Goodbye and Next Steps

EPISODE 68 2:43 Free

Laracon Online - August 26th 2020

Section 1 Prerequisites

At a Glance

EPISODE 1 2:40 Free
Install PHP, MySQL and Composer

EPISODE 2 3:33 Free
The Laravel Installer

EPISODE 3 3:02 Free
Laravel Valet Setup

EPISODE 4 3:18 Free

Section 2 Routing

Basic Routing and Views

EPISODE 5 3:41 Free
Pass Request Data to Views

EPISODE 6 4:11 Free
Route Wildcards

EPISODE 7 3:42 Free
Routing to Controllers

EPISODE 8 3:01 Free

Section 3 Database Access

Setup a Database Connection

EPISODE 9 6:13 Free
Hello Eloquent

EPISODE 10 3:45 Free
Migrations 101

EPISODE 11 5:23 Free
Generate Multiple Files in a Single Command

EPISODE 12 1:26 Free
Business Logic

EPISODE 13 7:36 Free

Section 4 Views

Layout Pages

EPISODE 14 4:11 Free
Integrate a Site Template

EPISODE 15 4:27 Free
Set an Active Menu Link

EPISODE 16 2:15 Free
Asset Compilation with Laravel Mix and webpack

EPISODE 17 7:39 Free
Render Dynamic Data

EPISODE 18 6:19 Free
Render Dynamic Data: Part 2

EPISODE 19 5:05 Free
Homework Solutions

EPISODE 20 2:45 Free

Section 5 Forms

The Seven Restful Controller Actions

EPISODE 21 5:03 Free
Restful Routing

EPISODE 22 7:37 Free
Form Handling

EPISODE 23 7:55 Free
Forms That Submit PUT Requests

EPISODE 24 6:35 Free
Form Validation Essentials

EPISODE 25 8:53 Free

Section 6 Controller Techniques

Leverage Route Model Binding

EPISODE 26 4:56 Free
Reduce Duplication

EPISODE 27 5:40 Free
Consider Named Routes

EPISODE 28 3:58 Free

Section 7 Eloquent

Basic Eloquent Relationships

EPISODE 29 6:07 Free
Understanding Foreign Keys and Database Factories

EPISODE 30 13:31 Free
Many to Many Relationships With Linking Tables

EPISODE 31 6:16 Free
Display All Tags Under Each Article

EPISODE 32 5:04 Free
Attach and Validate Many-to-Many Inserts

EPISODE 33 12:17 Free

Section 8 Authentication

Build a Registration System in Mere Minutes

EPISODE 34 9:26 Free
The Password Reset Flow

EPISODE 35 8:40 Free

Section 9 Core Concepts

Collections

EPISODE 36 11:21 Free
CSRF Attacks, With Examples

EPISODE 37 9:13 Free
Service Container Fundamentals

EPISODE 38 5:15 Free
Automatically Resolve Dependencies

EPISODE 39 11:04 Free
Laravel Facades Demystified

EPISODE 40 13:55 Free
Service Providers are the Missing Piece

EPISODE 41 11:18 Free

Section 10 Mail

Send Raw Mail

EPISODE 42 6:50 Free
Simulate an Inbox using Mailtrap

EPISODE 43 1:07 Free
Send HTML Emails Using Mailable Classes

EPISODE 44 4:40 Free
Send Email Using Markdown Templates

EPISODE 45 8:52 Free
Notifications Versus Mailables

EPISODE 46 8:02 Free

Section 11 Notifications

Database Notifications

EPISODE 47 13:21 Free
Send SMS Notifications in 5 Minutes

EPISODE 48 5:40 Free

Section 12 Events

Eventing Pros and Cons

EPISODE 49 14:35 Free

Section 13 Authorization

Limit Access to Authorized Users

EPISODE 50 19:51 Free
Authorization Filters

EPISODE 51 3:55 Free
Guessing the Ability Name

EPISODE 52 2:22 Free
Middleware-Based Authorization

EPISODE 53 2:22 Free
Roles and Abilities

EPISODE 54 21:32 Free

Section 14 Final Project

Twitter Clone Setup

EPISODE 55 4:01 Free
Design the Timeline

EPISODE 56 16:41 Free
Make the Timeline Dynamic

EPISODE 57 12:21 Free
Build a Following

EPISODE 58 5:29 Free
Expanding the Timeline

EPISODE 59 6:10 Free
Construct the Profile Page

EPISODE 60 20:24 Free
Nested Layout Files with Components

EPISODE 61 5:59 Free
Build the Follow Form

EPISODE 62 19:10 Free
Profile Authorization Logic

EPISODE 63 7:30 Free
File Storage and Custom Avatars

EPISODE 64 16:10 Free
Build the Explore Users Page

EPISODE 65 10:14 Free
Clean Up

EPISODE 66 12:55 Free
Build a Like/Dislike System

EPISODE 67 28:31 Free
Goodbye and Next Steps

EPISODE 68 2:43 Free

Back to Series Button