My tester has integrated Burp tool with firefox, where he is running our project on same browser. He is saving each and every request of application in Burp tool and then login with another user to post request data of first user, or he logout of system and only post request data where he is able to save that data properly. Can anybody please answer that how I can stop laravel to save data on Burp or any other tool like this
Asked
Active
Viewed 220 times
0
-
1Why is this a problem? – Marcin Orlowski Nov 15 '19 at 05:57
-
yes, my tester has reported it as security issue with laravel. – Shital Jachak Nov 15 '19 at 06:04
-
@Marcin Orlowski : Can you please address this problem? – Shital Jachak Nov 15 '19 at 06:05
-
I just verified it again and it's nopt an issue.. After session logout no one can manipulate request data... I am closing this issue. – Shital Jachak Nov 15 '19 at 06:35
1 Answers
0
This is an integral part of testing. You should not be trying to find ways to deceive testing tools. You should be implementing good security in your application.
user3532758
- 2,221
- 1
- 12
- 17
-
Yes I have added this question to add laravel security accordingly. I don't want to deceive any testing tool. – Shital Jachak Nov 15 '19 at 06:06