diff options
author | Dik Takken <d.h.j.takken@freedom.nl> | 2020-07-16 14:20:41 +0200 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-08-03 21:53:29 +0200 |
commit | e0fa48f69dd14b52c8f1b2904ac7bd30472849a8 (patch) | |
tree | c450a30da315153fd49b441e57051ea846107147 /ext/sockets | |
parent | 691a09f291a909cba8821ef16a447a5e615dee69 (diff) | |
download | php-git-e0fa48f69dd14b52c8f1b2904ac7bd30472849a8.tar.gz |
Deprecate libxml_disable_entity_loader()
This method was used to protect code against XXE processing attacks.
Since PHP now requires libxml >= 2.9.0 external entity loading no longer
needs to be disabled to prevent these attacks. It is disabled by default.
Also, the method has an unwanted side effect that causes a lot of
confusion: Parsing XML data from resources like files is no longer possible.
Closes GH-5867.
Diffstat (limited to 'ext/sockets')
0 files changed, 0 insertions, 0 deletions