I want to create a shop builder that the user can create own theme and upload it to my host. and now I want to prevent users cant access database and model and resources in blade.
Because they can write malicious code through the blade on my server and cause system crashes.
I want to send only a list of variables for each blade's page that contains the values they need on this page and users can only use these variables and can not access my server database or resources and my files server. I had to prevent user cant access database in the blade
Anyone have an idea for this؟
thank you
I have a need similar to yours
after several experiments and attempts I have found a solution that might work, but with limitations/restrictions
it would be appropriate "from my point of view" to think about introducing another way to render your content.
in the face of my research I have found 2 possible solutions
in conclusion, 'my' choice was liquid, since it guaranteed me more security, in addition to other companies such as shopify have decided to use it also for this peculiarity
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.