Verified Commit 86bced91 authored by Alex Pott's avatar Alex Pott
Browse files

Issue #3191389 by anmolgoyal74, greggles, larowlan, mcdruid, pwolanin, brayfe:...

Issue #3191389 by anmolgoyal74, greggles, larowlan, mcdruid, pwolanin, brayfe: File Inclusion issue security hardening
parent de66aa93
......@@ -24,6 +24,12 @@
* @see http://php.net/manual/en/features.commandline.webserver.php
*/
if (PHP_SAPI !== 'cli-server') {
// Bail out if this is not PHP's Development Server.
header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
exit;
}
$url = parse_url($_SERVER['REQUEST_URI']);
if (file_exists(__DIR__ . $url['path'])) {
// Serve the requested resource as-is.
......
......@@ -24,6 +24,12 @@
* @see http://php.net/manual/en/features.commandline.webserver.php
*/
if (PHP_SAPI !== 'cli-server') {
// Bail out if this is not PHP's Development Server.
header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
exit;
}
$url = parse_url($_SERVER['REQUEST_URI']);
if (file_exists(__DIR__ . $url['path'])) {
// Serve the requested resource as-is.
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment