diff options
| author | Anatol Belski <ab@php.net> | 2016-09-26 18:54:43 +0200 |
|---|---|---|
| committer | Anatol Belski <ab@php.net> | 2016-09-26 18:54:43 +0200 |
| commit | f36babf6436de743e92cd75b2732db3e44d3e16b (patch) | |
| tree | 2ae90023c61594e233f9a9ee8791671f687f96b6 | |
| parent | 39e599170532f64fd433dd68aa79bc0dcbda4689 (diff) | |
| parent | 5e102d5685a1bb2cf14dcc08728e6a2e6dcea18a (diff) | |
| download | php-git-f36babf6436de743e92cd75b2732db3e44d3e16b.tar.gz | |
Merge branch 'PHP-7.0' of git.php.net:php-src into PHP-7.0
| -rw-r--r-- | php.ini-development | 12 | ||||
| -rw-r--r-- | php.ini-production | 12 |
2 files changed, 24 insertions, 0 deletions
diff --git a/php.ini-development b/php.ini-development index fe9942d83d..c1f92c6c0d 100644 --- a/php.ini-development +++ b/php.ini-development @@ -759,6 +759,11 @@ enable_dl = Off ; http://php.net/cgi.fix-pathinfo ;cgi.fix_pathinfo=1 +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate ; security tokens of the calling client. This allows IIS to define the ; security context that the request runs under. mod_fastcgi under Apache @@ -779,6 +784,13 @@ enable_dl = Off ; http://php.net/cgi.rfc2616-headers ;cgi.rfc2616_headers = 0 +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; diff --git a/php.ini-production b/php.ini-production index 35a4ddd85a..a2c3240aaa 100644 --- a/php.ini-production +++ b/php.ini-production @@ -759,6 +759,11 @@ enable_dl = Off ; http://php.net/cgi.fix-pathinfo ;cgi.fix_pathinfo=1 +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate ; security tokens of the calling client. This allows IIS to define the ; security context that the request runs under. mod_fastcgi under Apache @@ -779,6 +784,13 @@ enable_dl = Off ; http://php.net/cgi.rfc2616-headers ;cgi.rfc2616_headers = 0 +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; |