prevent serialized classes

This commit is contained in:
Taylor Otwell
2026-02-18 16:50:55 -06:00
parent 6036bb7bfc
commit 8a92477433

View File

@@ -114,4 +114,17 @@ return [
'prefix' => env('CACHE_PREFIX', Str::slug((string) env('APP_NAME', 'laravel')).'-cache-'), 'prefix' => env('CACHE_PREFIX', Str::slug((string) env('APP_NAME', 'laravel')).'-cache-'),
/*
|--------------------------------------------------------------------------
| Serializable Classes
|--------------------------------------------------------------------------
|
| This value determines the classes that can be unserialized from cache
| storage. By default, no PHP classes will get unserialized from the
| cache to prevent gadget chain attacks if your APP_KEY is leaked.
|
*/
'serializable_classes' => false,
]; ];