Commit graph

9 commits

Author SHA1 Message Date
Juliette
f3b5475eeb PHP 8.0 migration/deprecated: expand on libxml_disable_entity_loader() (#528)
The current text in the migration guide about the deprecation of `libxml_disable_entity_loader()` is misleading and can easily lead to the introduction of XXE-vulnerable code.

In select circumstances, when `LIBXML_NOENT` is used, code can still be vulnerable to XXE attacks, even on PHP 8.0.
So I'm proposing to add an appropriate warning and mention the upgrade path in the migration guide.

Includes fixing a typo on the `libxml_disable_entity_loader()` page.

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
2021-04-16 10:44:07 +02:00
Christoph M. Becker
5b5bb5d9b3 Improve libxml_disable_entity_loader() docs
We clarify that `libxml_set_external_entity_loader()` is the preferred
alternative, and also note that the function is deprecated as of PHP
8.0.0.
2021-01-19 16:32:53 +01:00
Christoph Michael Becker
a07808fdd7 Fix #62577: simplexml_load_file does not file if libxml_disable_entity_loader(true)
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@350442 c90b9560-bf6c-de11-be94-00142212c4b1
2020-08-31 16:29:59 +00:00
Jakub Vrana
b8758b0605 Use entities in initializer
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@343899 c90b9560-bf6c-de11-be94-00142212c4b1
2018-01-25 19:11:34 +00:00
Jakub Vrana
d3c871ae1e Fix protos
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@308253 c90b9560-bf6c-de11-be94-00142212c4b1
2011-02-11 13:16:13 +00:00
Torben Wilson
af4410a7e1 Normalized the sgml-default-dtd-file local-variable line for those
still using this, after discussion on the phpdoc list.
From now on, manual.ced will need to be found at ~/.phpdoc/manual.ced.

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@288721 c90b9560-bf6c-de11-be94-00142212c4b1
2009-09-25 07:04:39 +00:00
Nilgün Belma Bugüner
50f05a02f3 fixed properties
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@283820 c90b9560-bf6c-de11-be94-00142212c4b1
2009-07-11 07:50:41 +00:00
Kalle Sommer Nielsen
37c8ec8c6a libxml_disable_entity_loader()'s parameter is a boolean, not a string
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@282789 c90b9560-bf6c-de11-be94-00142212c4b1
2009-06-26 02:34:57 +00:00
Hannes Magnusson
98574a0e0e Document libxml_disable_entity_loader()
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@282639 c90b9560-bf6c-de11-be94-00142212c4b1
2009-06-23 12:22:57 +00:00