sigmasternchen/php-doc-en
1
0
Fork 0
mirror of https://github.com/sigmasternchen/php-doc-en synced 2025-03-15 16:38:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
php-doc-en/appendices
History
Juliette f3b5475eeb
PHP 8.0 migration/deprecated: expand on libxml_disable_entity_loader() (#528) 
The current text in the migration guide about the deprecation of `libxml_disable_entity_loader()` is misleading and can easily lead to the introduction of XXE vulnerable code.

In select circumstances, when `LIBXML_NOENT` is used, code can still be vulnerable to XXE attacks, even on PHP 8.0.
So I'm proposing to add an appropriate warning and mention the upgrade path in the migration guide.

Includes fixing a typo on the `libxml_disable_entity_loader()` page.

Co-authored-by: jrfnl <jrfnl@users.noreply.github.com>
2021-04-16 10:44:07 +02:00
..
configure Remove docs about NSAPI 2021-01-13 12:49:23 +00:00
migration56 Remove obsolete PHP 5 related info from ini.core and related pages 2021-02-24 14:32:08 +01:00
migration70 Remove obsolete PHP 5 related info from ini.core and related pages 2021-02-24 14:32:08 +01:00
migration71 Use canonical type names 2020-11-02 15:39:04 +00:00
migration72 Document BC breaking change in handling of incoming cookie names 2020-09-29 10:30:38 +00:00
migration73 Use canonical type names 2020-11-02 15:39:04 +00:00
migration74 Fix #80528: No waring/error for some nested ternary operators without explicit parentheses 2020-12-17 18:00:58 +00:00
migration80 PHP 8.0 migration/deprecated: expand on libxml_disable_entity_loader() (#528) 2021-04-16 10:44:07 +02:00
about.xml Tell people about the possibility to doc-en source code from git, not SVN. 2021-01-29 00:29:19 +09:00
aliases.xml fixed broken build 2020-11-24 09:36:50 +00:00
comparisons.xml Use canonical type names 2020-11-02 15:39:04 +00:00
debugger.xml Remove migration guides for PHP 5 2021-01-08 00:38:12 +01:00
extensions.xml Remove old weakref extension (#514) 2021-04-12 15:35:52 +02:00
filters.xml Remove obsolete PHP 5 specific information 2020-11-20 14:35:34 +00:00
history.xml Making the XML definition consistent across the entire project. 2014-09-05 07:44:07 +00:00
ini.core.xml Fix #77477: Document hard_timeout 2021-03-16 17:31:45 +01:00
ini.list.xml Remove mime_magic documentation 2021-02-24 18:29:14 +01:00
ini.sections.xml Revert useless change in 326638 2012-02-29 00:24:15 +00:00
ini.xml Split big file 2012-01-11 07:03:59 +00:00
license.xml Converted to utf-8 2010-03-28 22:10:10 +00:00
migration56.xml Remove migration guides for PHP 5 2021-01-08 00:38:12 +01:00
migration70.xml Remove migration guides for PHP 5 2021-01-08 00:38:12 +01:00
migration71.xml Remove migration guides for PHP 5 2021-01-08 00:38:12 +01:00
migration72.xml Remove migration guides for PHP 5 2021-01-08 00:38:12 +01:00
migration73.xml Remove migration guides for PHP 5 2021-01-08 00:38:12 +01:00
migration74.xml add remaining 7.4 migration sections 2019-09-19 21:32:14 +00:00
migration80.xml PHP 8.0 migration guide 2020-11-22 18:25:14 +00:00
reserved.constants.core.xml Fix #61044: invalid PHP_BINDIR 2021-02-12 14:35:22 +01:00
reserved.constants.standard.xml Linkable core constants, remove duplicate and non-existent constants 2012-02-28 19:56:00 +00:00
reserved.constants.xml Fix other typos outside of php module docs 2020-04-27 06:59:43 +00:00
reserved.xml Add match to list of reserved words 2020-12-30 18:44:11 +01:00
resources.xml Document ssh2 resources 2021-01-14 16:36:46 +01:00
tokens.xml Update documentation related to PHP Tokens 2021-03-30 13:01:29 +02:00
transports.xml ssl:// and tls:// are still supported 2020-10-17 15:55:54 +00:00
userlandnaming.xml Fixed function -> functions 2016-10-28 15:32:08 +00:00