From b41dcf2947bbcfca0152d06684b1caac2586a0b6 Mon Sep 17 00:00:00 2001 From: Christian Göttsche Date: Mon, 27 May 2024 22:48:49 +0200 Subject: Wording updates --- config/default_php8.rules | 2 +- doc/source/config.rst | 2 +- doc/source/features.rst | 6 ++++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/config/default_php8.rules b/config/default_php8.rules index 096f033..a6edfbe 100644 --- a/config/default_php8.rules +++ b/config/default_php8.rules @@ -26,7 +26,7 @@ sp.xxe_protection.enable(); # PHP has a lot of wrappers, most of them aren't usually useful, you should # only enable the ones you're using. # sp.wrappers_whitelist.list("file,php,phar"); -# The "php" wrapper can be further filtered +# The "php" wrapper can be further filtered, e.g. to only allow `php://stdout`, `php://stdin` and `php://stderr`: # sp.wrappers_whitelist.php_list("stdout,stdin,stderr"); # Prevent sloppy comparisons. diff --git a/doc/source/config.rst b/doc/source/config.rst index 75392d7..525885f 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst @@ -399,7 +399,7 @@ Allowlist of the php stream-wrapper ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ :ref:`The php-stream-wrapper allowlist ` -allows to explicitly allow the builtin `php streams `__. +allows to explicitly restrict the permitted builtin `php streams `__. :: diff --git a/doc/source/features.rst b/doc/source/features.rst index 3855f2a..32a535b 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst @@ -406,10 +406,12 @@ The builtin `"php" stream wrapper `__ +- Synacktiv's `php_filter_chain_generator `__ tool +- Ambionic's `wrapwrap `__ tool .. _eval-feature: -- cgit v1.3