summaryrefslogtreecommitdiff
path: root/config/default_php8.rules (follow)
AgeCommit message (Collapse)Author
2025-05-25Unify/fix the default.rules file across PHP versions, and add some new onesjvoisin
2024-06-09Forbid file:// protocol in Curlbohwaz
2024-06-09Wording updatesChristian Göttsche
2024-06-09Add option to specify the allowed "php" wrapper typesChristian Göttsche
In addition of the current possibility to filter wrappers by their protocol name, also add the option to filter the "php" wrapper by the requested kind. Especially the 'filter' backend can be disabled that way.
2024-03-24Fix yet another php surprised-rename of functions parametersjvoisin
2023-11-03Add some documentation in the default rules.jvoisin
2023-02-16Add another burned vuln to the php8 rulesJulien Voisin
2022-03-20Merge remote-tracking branch 'sektioneins/master'jvoisin
2021-11-26PHP8 update parameters name in "move_uploaded_file" (#406)pfdutot
In the 8.0.8 and 8.1 version of PHP, the parameters name for move_uploaded_file are "from" and "to". This config file fail to apply the relevant rules unless the parameter names are updated using "to" instead of "destination".
2021-11-11inverted logic. set xxe_protection.enable() instead of disable_xxe.disable()Ben Fuhrmannek
2021-08-29updated documentation URLBen Fuhrmannek
2021-08-18updated documentation URLBen Fuhrmannek
2021-08-16Fix a few typos and inconsistencies in config filesGasper Vozel
2021-05-09Fix disable function chmodWhiteWinterWolf
2021-05-01Additional PHP 8 sample config argument name changesTristan Deloche
2021-05-01Improve our SQLI-related documentation and remove some useless rulesjvoisin
2021-04-27Update some parameter names which changed for PHP 8.0Tristan Deloche
2021-04-26Add a configuration file for php8jvoisin