This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.

Fabien Potencier 033c41a6b9 minor #21090 Secure unserialize by restricting allowed classes when using PHP 7 (dbrumann) ... This PR was merged into the 3.3-dev branch. Discussion ---------- Secure unserialize by restricting allowed classes when using PHP 7 | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | --- | License | MIT | Doc PR | --- While playing around with Symfony in a PHP 7.1 application I noticed a warning in how EnvParameterResoure uses unserialize. Since PHP 7.0 introduced the options argument which allows to restrict which classes can be unserialized for better security, it might make sense to use it here. As far as I can tell this is no BC break, it only provides an additional safety mechanism. Commits ------- b4201810b9 Conditionally add options to unserialize in PHP 7.0+.		2017-02-12 20:14:59 +01:00
..
AutowireServiceResource.php	minor #21090 Secure unserialize by restricting allowed classes when using PHP 7 (dbrumann)	2017-02-12 20:14:59 +01:00