diff options
| author | Andrew Dolgov <[email protected]> | 2014-12-08 14:49:54 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2014-12-08 14:49:54 +0300 |
| commit | 584411fee6ab22037db0201dfff9133b74c0ebac (patch) | |
| tree | 37785075c4e6772cb36a6e232e7245893790650a /include | |
| parent | 682c7c29119889d8d773cb8768b9168bbd3cec67 (diff) | |
disable libxml entity loader to prevent attacks via xml external entities (fixes #833)
Diffstat (limited to 'include')
| -rw-r--r-- | include/functions.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/functions.php b/include/functions.php index 769c27af9..2f3daea10 100644 --- a/include/functions.php +++ b/include/functions.php @@ -14,6 +14,8 @@ $fetch_curl_used = false; $suppress_debugging = false; + libxml_disable_entity_loader(true); + mb_internal_encoding("UTF-8"); date_default_timezone_set('UTC'); if (defined('E_DEPRECATED')) { |