Verified · Upgraded · Production-ready
Official samples, lifted.
We run each official sample inside Docker, record what actually happens, and publish the hardened, production-grade version with the full diff on GitHub.
Latest articles
All →-
Security Hardened
Implementing Content-Security-Policy in Laravel
Content-Security-Policy (CSP) is the last defense layer that stops XSS damage in the browser. The server declares "these are the only scripts allowed to run and resources allowed to load on this page," and the browser rejects everything el…
2026-04-19 -
Security Hardened
Laravel + Livewire Starter Kit: nonce-based CSP
The SetSecurityHeaders middleware shipped in our Livewire Starter Kit Docker-verified fork kept 'unsafe-inline' in script-src and style-src. That was a deliberate placeholder to match the React/Vue forks; the Livewire architecture doesn't …
Laravel · 2026-04-19 GitHub -
Security Hardened
Laravel + Livewire Starter Kit: Docker-verified fork
We took the official laravel/livewire-starter-kit (Livewire v4 + Flux + Alpine), ran it inside Docker, and published a production-hardened fork. Tests go from the upstream 33 passed to 37 passed / 92 assertions. This article covers the Liv…
Laravel · 2026-04-19 GitHub -
Security Hardened
Laravel + Vue Starter Kit: Docker-verified fork
We took the official laravel/vue-starter-kit (Inertia + Vue 3 + shadcn-vue + Fortify), ran it inside Docker, and published a production-hardened fork. Tests go from 40 passed to 44 passed / 151 assertions. This article covers the Vue / Ine…
Laravel · 2026-04-19 GitHub -
Security Hardened
Laravel + React Starter Kit: Docker-verified fork
We took the official laravel/react-starter-kit (Inertia + React 19 + shadcn/ui + Fortify), ran it inside Docker Desktop, and published a production-hardened fork. The test suite goes from the upstream 40 passed to 44 passed / 151 assertion…
Laravel · 2026-04-19 GitHub -
Security Hardened
Hardening the shared Laravel starter-kit backend
Laravel's official starter kits (React / Vue / Livewire) differ in their frontend layer, but they share the same Laravel + Fortify backend code. So most of the production-hardening work is identical across all three. This is the pillar art…
Laravel · 2026-04-18