This made no sense before. Hide Authorization in getallheaders() but

display it from phpinfo()? Ouch! @ Hide Authorization header from phpinfo() output in safe_mode (Rasmus)
author: Rasmus Lerdorf <rasmus@php.net> 2001-10-21 00:03:55 +0000
committer: Rasmus Lerdorf <rasmus@php.net> 2001-10-21 00:03:55 +0000
commit: 95dff71df7fb08e9e4e690b90143425b0b7ed704 (patch)
tree: 7c41f5be09fbe6c19eb575bf624d3f58deaa0d93 /sapi/apache/php_apache.c
parent: 02e25f0a1ef548b50f792a7e12bc19ad219798ef (diff)
download: php-git-95dff71df7fb08e9e4e690b90143425b0b7ed704.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/sapi/apache/php_apache.c b/sapi/apache/php_apache.c
index 6c995aa171..5a1b835459 100644
--- a/sapi/apache/php_apache.c
+++ b/sapi/apache/php_apache.c
@@ -278,7 +278,7 @@ PHP_MINFO_FUNCTION(apache)
 		env_arr = table_elts(r->headers_in);
 		env = (table_entry *)env_arr->elts;
 		for (i = 0; i < env_arr->nelts; ++i) {
-			if (env[i].key) {
+			if (env[i].key && (!PG(safe_mode) || (PG(safe_mode) && strncasecmp(env[i].key, "authorization", 13)))) {
 				php_info_print_table_row(2, env[i].key, env[i].val);
 			}
 		}
author	Rasmus Lerdorf <rasmus@php.net>	2001-10-21 00:03:55 +0000
committer	Rasmus Lerdorf <rasmus@php.net>	2001-10-21 00:03:55 +0000
commit	95dff71df7fb08e9e4e690b90143425b0b7ed704 (patch)
tree	7c41f5be09fbe6c19eb575bf624d3f58deaa0d93 /sapi/apache/php_apache.c
parent	02e25f0a1ef548b50f792a7e12bc19ad219798ef (diff)
download	php-git-95dff71df7fb08e9e4e690b90143425b0b7ed704.tar.gz