mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-16 00:48:54 +00:00
Added note to SERVER_PORT to warn about spoofing
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@329894 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
parent
fa54c57911
commit
9e5fdbf8d0
1 changed files with 9 additions and 0 deletions
|
@ -392,6 +392,15 @@
|
|||
using SSL, for instance, will change this to whatever your
|
||||
defined secure HTTP port is.
|
||||
</simpara>
|
||||
<note>
|
||||
<simpara>
|
||||
Under the Apache 2, you must set <literal>UseCanonicalName = On</literal>,
|
||||
as well as <literal>UseCanonicalPhysicalPort = On</literal> in order to
|
||||
get the physical (real) port, otherwise, this value can be spoofed and it
|
||||
may or may not return the physical port value.
|
||||
It is not safe to rely on this value in security-dependent contexts.
|
||||
</simpara>
|
||||
</note>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
|
Loading…
Reference in a new issue