diff options
| author | Ben Fuhrmannek | 2021-11-11 13:15:52 +0100 |
|---|---|---|
| committer | Ben Fuhrmannek | 2021-11-11 13:15:52 +0100 |
| commit | 713cb08b58d4e5dd5e7e80b1f82e27cbe52d4381 (patch) | |
| tree | b1bd945693215ca349180d44ae929f7f59427f09 /doc/source | |
| parent | 9111fdf5e6332923a5faf9f8a7e6b428eb91795a (diff) | |
inverted logic. set xxe_protection.enable() instead of disable_xxe.disable()
Diffstat (limited to 'doc/source')
| -rw-r--r-- | doc/source/config.rst | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/source/config.rst b/doc/source/config.rst index 10b0afd..63ddf7b 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst | |||
| @@ -293,14 +293,15 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m | |||
| 293 | sp.upload_validation.script("/var/www/is_valid_php.py").enable(); | 293 | sp.upload_validation.script("/var/www/is_valid_php.py").enable(); |
| 294 | 294 | ||
| 295 | 295 | ||
| 296 | disable_xxe | 296 | xxe_protection |
| 297 | ^^^^^^^^^^^ | 297 | ^^^^^^^^^^^ |
| 298 | 298 | ||
| 299 | :ref:`disable_xxe <xxe-feature>`, enabled by default, will prevent XXE attacks by disabling the loading of external entities (``libxml_disable_entity_loader``) in the XML parser. | 299 | :ref:`xxe_protection <xxe-feature>`, disabled by default, will prevent XXE attacks by disabling the loading of external entities (``libxml_disable_entity_loader``) in the XML parser. |
| 300 | 300 | ||
| 301 | :: | 301 | :: |
| 302 | 302 | ||
| 303 | sp.disable_xxe.enable(); | 303 | sp.xxe_protection.enable(); |
| 304 | sp.xxe_protection.disable(); | ||
| 304 | 305 | ||
| 305 | 306 | ||
| 306 | Whitelist of stream-wrappers | 307 | Whitelist of stream-wrappers |