Laravel

Security Best Practices

CSRF protection, XSS prevention, SQL injection, mass assignment, authentication security, encryption, hashing, rate limiting

22 interview questions · Senior
1

What is CSRF protection in Laravel?

Answer

CSRF (Cross-Site Request Forgery) protection prevents forged cross-site requests by validating a unique token tied to each session. Laravel automatically generates this token and verifies it on all POST, PUT, PATCH and DELETE requests. API routes are exempted because they typically use stateless token-based authentication.

2

How does Laravel prevent XSS attacks by default?

Answer

Laravel automatically escapes every variable rendered through the Blade syntax {{ $variable }}. This escaping converts special HTML characters into entities, so injected markup is displayed as text rather than executed as script. To output raw, unescaped HTML you must explicitly use {!! $variable !!}, which forces developers to make a conscious choice.

3

What is the role of the $fillable property in an Eloquent model?

Answer

The $fillable property defines the whitelist of attributes that may be mass-assigned via create() or update(). This protects against mass assignment attacks, where a malicious user adds extra request fields to modify sensitive attributes such as is_admin or role_id. The alternative is $guarded, which defines a blacklist of attributes that must never be mass-assigned.

4

Which method should be used to hash a password in Laravel?

5

How does Laravel protect against SQL injections?

+19 more interview questions
