An old Laravel security vulnerability was brought back to life today and the issue reported was fixed 7 months ago and is not an issue currently. You can see the change here to confirm the strict equality check.
This did bring up some unrelated issues with the remember me functionality and it will require you to add a new column to your “users” table. These changes should be out this afternoon and be sure and read the release notes.
On the topic of security, never have full dumping of error messages and stack traces turned on in production!
And another good change coming:
As of today, you will now be forced to configure your local environment in order to receive full error messages.
Join the weekly newsletter and never miss out on new tips, tutorials, and more.
Laracasts Weekend Homework
Continuing on the unit testing topic Laracasts has a forum post with some great discussion around this. I think its w…
Lose the Hash (Bang) Using Ember and Laravel
Ryan Tablada shares how to set up Ember and Laravel to not use the hash (#) in the urls. His Laravel setup will also…