Commit 159c56ae authored by mh's avatar mh
Browse files

add more allowed include and require

parent 58d26857
......@@ -13,9 +13,13 @@ sp.disable_function.function("putenv").param("setting").value_r("LD_").drop();',
sp.disable_function.function("require_once").value_r("\.php$").allow();
# wordpress requires .svg
sp.disable_function.function("require_once").value_r("\.svg$").allow();
# drupal requires .inc
sp.disable_function.function("require_once").value_r("\.inc$").allow();
sp.disable_function.function("include_once").value_r("\.php$").allow();
sp.disable_function.function("require").value_r("\.php$").allow();
sp.disable_function.function("include").value_r("\.php$").allow();
sp.disable_function.function("require").value_r("\.inc$").allow();
sp.disable_function.function("include").value_r("\.inc$").allow();
sp.disable_function.function("require_once").drop();
sp.disable_function.function("include_once").drop();',
'040-system' => '# Prevent `system`-related injections
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment