 How does $allowedFields protect against mass assignment vulnerabilities? |
|
@libsys Your customization is interesting.
But in my opinion, if an Entity knows assignable fields, you don't need to use allowedFields in CI4 Model. It seems you can add protection in your Entity (e.g., to add $fillable in the Entity) and disable the protection in Model. That will be simpler. |
| Messages In This Thread |
|
How does $allowedFields protect against mass assignment vulnerabilities? - by libsys - 09-03-2024, 08:06 AM
RE: How does $allowedFields protect against mass assignment vulnerabilities? - by Renta Ardhana - 09-04-2024, 08:52 AM
RE: How does $allowedFields protect against mass assignment vulnerabilities? - by kenjis - 09-04-2024, 11:59 PM
RE: How does $allowedFields protect against mass assignment vulnerabilities? - by libsys - 09-05-2024, 11:05 PM
RE: How does $allowedFields protect against mass assignment vulnerabilities? - by kenjis - 09-06-2024, 04:56 PM
RE: How does $allowedFields protect against mass assignment vulnerabilities? - by libsys - 09-09-2024, 08:57 AM
|
