allow_url_fopen setting does not work with code #17

insperedia · 2017-03-07T14:57:45Z

Hi,

using http wrapper in streams considered as potential security risk. On our server we use allow_url_fopen=0 to block possibility to use url instead filenames. The recomended method to make remote requests in PHP is to use curl directly.
Anyway there would be no problem to override Api::httpRequest if it would have protected access modifier.

Nyholm · 2017-03-07T15:04:34Z

The PR #16 will solve this issue.

insperedia · 2017-03-07T15:06:19Z

Hi @Nyholm, nice to see meet you not only on PHP MeetUps but also on GitHub :)

insperedia · 2017-03-07T15:20:52Z

Regarding HTTPlug I would agree with developer. There no need in additional depencies.

insperedia closed this as completed Mar 7, 2017

insperedia reopened this Mar 7, 2017

insperedia closed this as completed Mar 9, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

allow_url_fopen setting does not work with code #17

allow_url_fopen setting does not work with code #17

insperedia commented Mar 7, 2017 •

edited

Loading

Nyholm commented Mar 7, 2017

insperedia commented Mar 7, 2017

insperedia commented Mar 7, 2017 •

edited

Loading

allow_url_fopen setting does not work with code #17

allow_url_fopen setting does not work with code #17

Comments

insperedia commented Mar 7, 2017 • edited Loading

Nyholm commented Mar 7, 2017

insperedia commented Mar 7, 2017

insperedia commented Mar 7, 2017 • edited Loading

insperedia commented Mar 7, 2017 •

edited

Loading

insperedia commented Mar 7, 2017 •

edited

Loading