Extend MD_JAIL with .user_ini proposals for restricting maximum inputs
parent
5130477e4b
commit
95537fb60e
11
MD_JAIL.php
11
MD_JAIL.php
@ -42,7 +42,7 @@ final class MD_JAIL {
|
||||
* Static function providing an advisory on how to harden the php.ini or
|
||||
* .user.ini.
|
||||
*
|
||||
* @param array{shell_access_whitelist: string[], sys_function_whitelist: string[], file_function_whitelist: string[], file_uploads: bool, allow_url_fopen: bool, max_input_vars: integer, max_input_nesting_level: integer, curl: bool} $requested_resources Requested resources.
|
||||
* @param array{shell_access_whitelist: string[], sys_function_whitelist: string[], file_function_whitelist: string[], file_uploads: bool, allow_url_fopen: bool, max_input_vars: integer, max_input_nesting_level: integer, post_max_size: string, curl: bool} $requested_resources Requested resources.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
@ -96,13 +96,16 @@ final class MD_JAIL {
|
||||
$output .= PHP_EOL . PHP_EOL . '## .user.ini' . PHP_EOL;
|
||||
|
||||
if ($requested_resources['file_uploads'] === false) {
|
||||
$output .= PHP_EOL . "php_value[upload_max_filesize] = 1";
|
||||
$output .= PHP_EOL . "upload_max_filesize = 1";
|
||||
}
|
||||
if ($requested_resources['max_input_vars'] != ini_get("max_input_vars")) {
|
||||
$output .= PHP_EOL . "php_value[max_input_vars] = " . $requested_resources['max_input_vars'];
|
||||
$output .= PHP_EOL . "max_input_vars = " . $requested_resources['max_input_vars'];
|
||||
}
|
||||
if ($requested_resources['max_input_nesting_level'] != ini_get("max_input_nesting_level")) {
|
||||
$output .= PHP_EOL . "php_value[max_input_nesting_level] = " . $requested_resources['max_input_nesting_level'];
|
||||
$output .= PHP_EOL . "max_input_nesting_level = " . $requested_resources['max_input_nesting_level'];
|
||||
}
|
||||
if ($requested_resources['post_max_size'] != ini_get("post_max_size")) {
|
||||
$output .= PHP_EOL . "post_max_size = " . $requested_resources['post_max_size'];
|
||||
}
|
||||
|
||||
$output .= PHP_EOL . PHP_EOL . '## PHPStan Directives' . PHP_EOL . PHP_EOL . " disallowedFunctionCalls:" . PHP_EOL;
|
||||
|
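Review bot: The new `post_max_size` branch writes `$requested_resources['post_max_size']` into the proposed .user.ini text without checking its shape, and unlike the two integer limits above it, the docblock types it as a string. If the requested-resources array can be influenced by the component being jailed (not visible in this hunk), a value containing a line break, or anything other than a size, would put extra directives into the snippet an administrator copies. I would validate it before the comparison, e.g. `if (preg_match('/^\d+[KMG]?$/Di', $requested_resources['post_max_size']) !== 1) { throw new InvalidArgumentException('post_max_size must be a byte size such as 8M'); }`. The loose `!=` against `ini_get("post_max_size")` also treats equivalent notations (`8M` and `8388608`) as different and compares against `false` when the lookup fails, so a normalised comparison or at least a comment would help. The enclosing method starts and ends outside both hunks.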