une appli critique Cross Site Scripting (XSS) • Injection de code (html et script) 10https://fr.wikipedia.org/wiki/Injection_SQL 3 • Exécution par le navigateur du client Cross Site Scripting (XSS) exécution) par plusieurs clients • DOM based XSS – Exécutée lors de la modification du DOM (Exemple11) Cross Site Request Forgery (CSRF - Sea Surf) • Principe : – Faire réaliser à quelqu’un une action à son 31030php_nexen-xss1.shtml 38https://www.apprendre-php.com/tutoriels/tutoriel-39-introduction-aux-cross-site-request-forgeries-ou-sea- surf.html 39https://www.owasp.org/index.php/Webgoat 40https://www

Controller 44 Chapter 12: Cron basics 45 Introduction 45 Examples 45 Create Cron Job 45 Chapter 13: Cross Domain Request 46 Examples 46 Introduction 46 CorsHeaders 46 Chapter 14: Custom Helper function 45 Chapter 13: Cross Domain Request Examples Introduction Sometimes we need cross domain request for our API's in laravel. We need to add appropriate headers to complete the cross domain request successfully in: *'); } return $next($request); } } Read Cross Domain Request online: https://riptutorial.com/laravel/topic/7425/cross-domain- request https://riptutorial.com/ 47 Chapter 14: Custom

HTTP Verb $url = url('foo'); Laravel makes it easy to protect your application from cross-site request forgeries. Cross-site request forgeries are a type of malicious exploit whereby unauthorized commands