GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity
gnu-social/src
History
Hugo Sales aef1fac536
[SECURITY] Refactor security hardening code and disable unused stream wrappers 
Ensure unwanted enviorment variables are removed from the actual
global environment rather than just the `$_ENV` superglobal variable

Disable stream wrappers, as this is an unexpected feature for most
developers and can be exploited. For instance, `phar://` can be used
to override any class and thus provide code execution (through
`__wakeup` or `__costruct`, for instance). Not a complete solution, as
`php://` can also be abused, but we can't disable it as it gets used
_somewhere_ in our dependencies
 		2022-04-03 18:02:54 +01:00
..
Command [CORE][DB] Rename App\Core\DB\DB to App\Core\DB 2022-03-28 20:59:14 +01:00
Controller [CORE][Router] Rename \App\Core\Router\Router to \App\Core\Router and merge \App\Core\Router\RouteLoader with \App\Core\Router 2022-03-28 20:59:15 +01:00
Core [SECURITY] Refactor security hardening code and disable unused stream wrappers 2022-04-03 18:02:54 +01:00
DependencyInjection/Compiler [TOOLS] Add explicit return types to fix deprecation warnings raised by PHPUnit 2022-03-09 01:37:10 +00:00
Entity [ENTITY][Actor][COMPONENT][Tag] Add `Actor->getNoteTags(?string $note_type)` which gets a cached list of NoteTags for notes of type $note_type for the actor 2022-04-01 00:11:01 +01:00
Migrations [V3] Big Bang 2021-09-14 13:01:33 +01:00
PHPStan [CORE][DB] Rename App\Core\DB\DB to App\Core\DB 2022-03-28 20:59:14 +01:00
Repository [TOOLS][CS-FIXER] Run new PHP CS Fixer config. Notably, adds strict_types 2021-10-27 04:19:28 +01:00
Routes [CORE][Router] Rename \App\Core\Router\Router to \App\Core\Router and merge \App\Core\Router\RouteLoader with \App\Core\Router 2022-03-28 20:59:15 +01:00
Twig [CORE][Router] Rename \App\Core\Router\Router to \App\Core\Router and merge \App\Core\Router\RouteLoader with \App\Core\Router 2022-03-28 20:59:15 +01:00
Util [PLUGIN][Pinboard] Invalidate token and it's cache when actor information is changed via ActorForms 2022-03-31 03:47:14 +01:00
CacheKernel.php [TOOLS][CS-FIXER] Run new PHP CS Fixer config. Notably, adds strict_types 2021-10-27 04:19:28 +01:00
Kernel.php [TOOLS][CS-FIXER] Run new PHP CS Fixer config. Notably, adds strict_types 2021-10-27 04:19:28 +01:00