Be careful if you're not scoping your route model bindings

Twitter
·
Telegram
·
Newsletter

I've caught myself writing this security bug many times in controllers, making the assumption that Laravel will retrieve child route bound models by the parent model by default. Be careful if you're not scoping your route model bindings!

We're writing a book, you can get it for free here. We're writing a book! Join the early access to get it for free.

Join the waiting list