Tamper-proof actions

You've asked for more ideas to make Livewire strict. So here we go...

Another issue (which most devs do not expect) is that also the action call in the HTML can be changed. So that id that should be passed? Yeah, that can be changed on the client side too.

It would be great to have an option (like signed urls) to make action calls tamper proof. An idea would be that the action with parameters and component instance id are signed to disable any modifcations.

```php
class UserBalance extends Component
{ 
    #[Signed]
    public function updateBalance(int $sum)
    {
        // ....
    }
}

LivewireStrict::signedActions();
```

```html
<button wire:click="@livewireAction('delete', $post->id)" /> 
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Tamper-proof actions #2

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Tamper-proof actions #2

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions