Reputation: 1480
is it safe to pass the user to view in laravel?
Is it? I mean if you get the user with $user = Auth::user(); and then send it to the view with return view ('somepage')->with('user',$user); the browser will get all user data in the view (uername, password, user_id etc..). I know you can then show what you like example {{$user->username}} but the point is, is the rest of the data somehow accessible to an 'hacker', 'script kiddie' or the likes?
Upvotes: 2
Views: 78
Answers (1)
Reputation: 163898
Auth::user() is accesible from all views anyway.
Browser will not get all info like password, user_id etc. Browser gets only HTML generated by Blade template engine and it contains only things you want to share.
For example, you'll do {{ Auth::user()->username }}, browser will get username, but nothing else.
Upvotes: 1
Related Questions
- How to create custom helper functions in Laravel
- Displaying HTML with Blade shows the HTML code
- How to Set Variables in a Laravel Blade Template
- Attempt to present UIViewController on UIViewController whose view is not in the window hierarchy
- How to Get the Current URL Inside @if Statement (Blade) in Laravel 4?
- Get data in controller ( laravel ) from mongodb model and pass it to view
- Get root view from current activity
- Pass email to the parent user using laravel
- how safe is to pass the 'user' to javascript Ajax in laravel?