我已经创建了laravel应用程序。我收到打p套件报告时发现一个问题。我需要加密电子邮件和密码(容易受到跨站点请求的伪造攻击)
这是我打的报告。
Cookie: XSRF-TOKEN =“”; my_new_session =“” _token = eff13b445f30f3f0527e58625b44c085&email = admin%40test.com&password = 123456
login.blade.php
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<meta http-equiv="x-ua-compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<meta name="csrf-token" content="{{ csrf_token() }}">
<script>
window.Laravel = <?php echo json_encode([
'csrfToken' => csrf_token(),]); ?>
</script>
</head>
<body>
<form class="form-inline" method="POST" action="{{ url('/login') }}">
{{ csrf_field() }}
<input type="email" autocorrect="off" autocapitalize="off" autocomplete="off" class="form-
control" placeholder="username" id="email" name="email"
value="{{ old('email') }}" maxlength="20" >
<input type="password" autocorrect="off" autocapitalize="off" autocomplete="off"
name="password" placeholder="Password" class="form-control"
id="password" value="{{ old('password') }}" >
<button type="submit" class="btn btn-primary">Login</button>
</form>
</body>
</html>
谢谢