diff options
| author | Christian Göttsche | 2024-05-27 21:33:00 +0200 |
|---|---|---|
| committer | jvoisin | 2024-06-09 17:16:16 +0200 |
| commit | c7ce5c3528e8da8762e6e7067001549e109397ba (patch) | |
| tree | 4c9606730af25a8f893193b7cc5cb718a20c3f35 /config | |
| parent | 849252c6a48b428dde3ad8930b40a2bdf9874cb7 (diff) | |
Add option to specify the allowed "php" wrapper types
In addition of the current possibility to filter wrappers by their
protocol name, also add the option to filter the "php" wrapper by the
requested kind.
Especially the 'filter' backend can be disabled that way.
Diffstat (limited to 'config')
| -rw-r--r-- | config/default_php8.rules | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/config/default_php8.rules b/config/default_php8.rules index 98cc0db..096f033 100644 --- a/config/default_php8.rules +++ b/config/default_php8.rules | |||
| @@ -26,6 +26,8 @@ sp.xxe_protection.enable(); | |||
| 26 | # PHP has a lot of wrappers, most of them aren't usually useful, you should | 26 | # PHP has a lot of wrappers, most of them aren't usually useful, you should |
| 27 | # only enable the ones you're using. | 27 | # only enable the ones you're using. |
| 28 | # sp.wrappers_whitelist.list("file,php,phar"); | 28 | # sp.wrappers_whitelist.list("file,php,phar"); |
| 29 | # The "php" wrapper can be further filtered | ||
| 30 | # sp.wrappers_whitelist.php_list("stdout,stdin,stderr"); | ||
| 29 | 31 | ||
| 30 | # Prevent sloppy comparisons. | 32 | # Prevent sloppy comparisons. |
| 31 | # sp.sloppy_comparison.enable(); | 33 | # sp.sloppy_comparison.enable(); |