archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Disable SimpleXML entity loader in Phabricator

Browse Source 
Summary: See D8049. Same deal as that one, but this is in the Phabricator web stack.

Test Plan: Man oh man.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D8050
This commit is contained in:
epriestley
2014-01-23 14:00:44 -08:00
parent 57f1a83488
commit 1a964f71bb
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
support/PhabricatorStartup.php
View File

@@ -280,6 +280,11 @@ final class PhabricatorStartup {
private static function setupPHP() { private static function setupPHP() {
error_reporting(E_ALL | E_STRICT); error_reporting(E_ALL | E_STRICT);
ini_set('memory_limit', -1); ini_set('memory_limit', -1);
// If we have libxml, disable the incredibly dangerous entity loader.
if (function_exists('libxml_disable_entity_loader')) {
libxml_disable_entity_loader(true);
}
} }
/** /**