mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-18 11:30:55 +01:00
Disable SimpleXML entity loader in Phabricator
Summary: See D8049. Same deal as that one, but this is in the Phabricator web stack. Test Plan: Man oh man. Reviewers: btrahan Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D8050
This commit is contained in:
parent
57f1a83488
commit
1a964f71bb
1 changed files with 5 additions and 0 deletions
|
@ -280,6 +280,11 @@ final class PhabricatorStartup {
|
|||
private static function setupPHP() {
|
||||
error_reporting(E_ALL | E_STRICT);
|
||||
ini_set('memory_limit', -1);
|
||||
|
||||
// If we have libxml, disable the incredibly dangerous entity loader.
|
||||
if (function_exists('libxml_disable_entity_loader')) {
|
||||
libxml_disable_entity_loader(true);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue