Laravel - Route’s URL Tampering for Slug’s

Debarshi Mondal
2 min readAug 11, 2020

--

It’s just came on my mind. How to protect your laravel route’s containing slug(pretty Url’s) for all Http Verbs? I’m Looking over 1weeks thorughout Internet(stackoverflow, laracasts) nothing much found.

I’m not looking for like authenicated users nor if someone changed the URL’s Id and visit someone’s for that we have auth() or middlewares. Looking for if someone using a Slug(pretty url’s) instead of a Id for giving a clear understand of a url path, for that if someone changes that slug name or remove a word or letter form it then it’s show exception or errors. This is not a good impact for our viewers.

Like: Initially my correct slug name is “Lamda”:

Then If someone changes it to “lama”:

To get rid of this and over 5–6 days surfuring , got some idea how to implement.

function isAvailable($value) {
$categories = Category::all();
foreach ($categories as $all) {
if ($all->slug === $value) {
return true;
}
}
}

just here use a function and fetching all category data into $categories and looping through it and checks if $all->slug containing the slug name is equal the $value which we provided as a function isAvailable() argument.

if(isAvailable($slug)){
//code..yours
else {
return back();
}

and returns back if the slug name is not matching. It’s Perfectly Working.

Note:: This function should be inside the Name of the Controller function method which you provided in the Route’s(web.php) file.

--

--

Debarshi Mondal
Debarshi Mondal

Written by Debarshi Mondal

I'm a Serverless Full Stack Developer.

No responses yet