View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0005633 | OXID eShop (all versions) | 4.04. Security | public | 2014-01-31 14:41 | 2015-03-12 16:45 |
Reporter | marco_steinhaeuser | Assigned To | |||
Priority | normal | Severity | feature | Reproducibility | always |
Status | closed | Resolution | suspended | ||
Product Version | 4.8.3 / 5.1.3 | ||||
Target Version | 4.8.5 / 5.1.5 | ||||
Summary | 0005633: replace allow_url_fopen by cURL | ||||
Description | In OXID eShop, there are some methods to require allow_url_fopen in the PHP configuration of the server. In the shop itself it is actually not a problem because everything is escaped properly via quote() etc. but could become a security problem if modules were not coded properly. Therefore, it is more appreciated, more smart and modern to use methods for cURL instead of allow_url_fopen. | ||||
Additional Information | http://forum.oxid-esales.com/showthread.php?t=22014 | ||||
Tags | No tags attached. | ||||
Theme | Both | ||||
Browser | All | ||||
PHP Version | any | ||||
Database Version | any | ||||