| Age | Commit message (Collapse) | Author |
|---|
|
The global strict mode was enabled by default without
any means to disable it, in certain cases.
Bug reported by wedi.
|
|
This commit allows php to run (with a warning) if there
is no specified snuffleupagus configuration,
instead of refusing to start.
|
|
|
|
|
|
|
|
|
|
Since our configuration format is a bit more complex than php's one,
we have a `sp.allow_broken_configuration` parameter (`false` by default),
that you can set to `true` if you want PHP to carry on if your Snuffleupagus'
configuration contains syntax errors. You'll still get a big scary message in
your logs of course. We do **not** recommend to use it of course, but sometimes
it might be useful to be able to "debug in production" without breaking your
website.
|
|
|
|
When calling glob() to get the configuration file location, the
GLOB_BRACE flag is used. This flag enables the parsing of '{a,b}', so
that '/path/{a,b}' represents '/path/a' and '/path/b'. Looking at
Snuffleupagus' documentation I saw nowhere this kind of path was
supported. Instead the documentation shows that glob() is used for paths
with wildcards.
The use of GLOB_BRACE is problematic as it is glibc specific and is not
supported by some other C libraries, such as Musl. Snuffleupagus cannot
be used in Apline for this reason.
Since the documentation does not give a valid usage of GLOB_BRACE this
patch removes it, which fixes the non-glibc support.
Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
|
|
Ensure that certificates are verified in curl
should close #47
|
|
|
|
- Fix an infinite loop on `echo` hook
- Use the correct function to compare filenames internally
|
|
|
|
|
|
This commit does a lot of things:
- Use hashtables instead of lists to store the rules
- Rules that can be applied at launch time won't be tried at runtime
- Improve feedback when writing nonsensical rules
- Make intensive use of `zend_string` instead of `char*`
|
|
* Trying to fix sloppy comparison https://github.com/nbs-system/snuffleupagus/issues/10 by
modifying php's opcode
|
|
Implement session encryption.
|
|
Thanks to @remicollet for the tip
|
|
|
|
|
|
|
|
|
|
This should close #85
|
|
Implement whitelist in eval
|
|
|
|
Add support for eval filtering, only blacklist for now
|
|
- `clang-format --style="{BasedOnStyle: google, SortIncludes: false}" -i snuffleu*.c sp_*.c sp_*.h`
- Update the documentation accordingly
|
|
This should close #39
|
|
It's now possible to encrypt cookies matching a specific regexp.
This should close #106
|
|
Since we now have sp_list and sp_tree, it makes sense to specify that
nodes are only for lists.
|
|
It's not possible to hook the `eval` builtin like other functions.
|
|
This is done by using the "samesite" cookie attribute.
|
|
|
|
References #43.
|
|
To be consistent with the rest of the `sp_list` functions.
|
|
In reference to #43.
|
|
This should close (#45
|
|
- The version
- The git commit
|
|
|
|
This should close #31
|
|
* Vastly improve the support of language construct hooking
|
|
|
