Closed by dhcmega 5 years ago
Hi, I think that all the user data, like the user's name, should be displayed using {{ $user->name }} instead of {!! $user->name !!}, because a user might enter HTML text as a name, or JS code, and that could be bad.
@dhcmega IMHO it is on you to prevent that from happening.
@RhRU yes, I would leave that to the user. If they want to change it, then they can change it manually, because all values will not be HTML.
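For reference, Blade passes `{{ }}` output through `htmlspecialchars`, while `{!! !!}` prints the value unchanged. The script below is an added example, not part of the thread or the project's code: it lists the live `{!! !!}` echoes in a Blade template so each can be reviewed and, where the value is user-controlled, switched to `{{ }}`. The function names and the sample template are hypothetical and constructed for illustration.

```python
import re

# Blade's raw echo: {!! expr !!}. A leading @ makes Blade print the tag literally.
RAW_ECHO = re.compile(r"(@)?\{!!\s*(.+?)\s*!!\}", re.S)
# Blade comments {{-- ... --}} are dropped at compile time, so ignore them.
BLADE_COMMENT = re.compile(r"\{\{--.*?--\}\}", re.S)


def find_raw_echoes(template):
    """Return (line_number, expression) for every live {!! !!} echo."""
    # Blank out comments but keep newlines so line numbers stay correct.
    cleaned = BLADE_COMMENT.sub(
        lambda m: re.sub(r"[^\n]", " ", m.group()), template
    )
    findings = []
    for m in RAW_ECHO.finditer(cleaned):
        if m.group(1):  # @{!! ... !!} is an escaped tag, not an echo
            continue
        line = cleaned.count("\n", 0, m.start()) + 1
        findings.append((line, m.group(2)))
    return findings


def suggest_escaped(expression):
    """The escaped form of the same echo, as proposed in the issue."""
    return "{{ " + expression + " }}"


# Constructed sample template (not taken from the project).
SAMPLE = """<h1>Profile</h1>
<p>Name: {!! $user->name !!}</p>
<p>Email: {{ $user->email }}</p>
{{-- old: {!! $user->bio !!} --}}
<p>Docs show @{!! $raw !!} syntax</p>
<div>{!!
    $user->signature
!!}</div>
"""

if __name__ == "__main__":
    for line, expr in find_raw_echoes(SAMPLE):
        print(f"line {line}: {{!! {expr} !!}} -> {suggest_escaped(expr)}")
```

A finding is a prompt for review, not proof of a problem: a raw echo is appropriate only where the value is already trusted or sanitized HTML.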