View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005633 | OXID eShop (all versions) | 4.04. Security | public | 2014-01-31 14:41 | 2015-03-12 16:45 |
| Reporter | marco_steinhaeuser | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | always |
| Status | closed | Resolution | suspended | ||
| Product Version | 4.8.3 / 5.1.3 | ||||
| Target Version | 4.8.5 / 5.1.5 | ||||
| Summary | 0005633: replace allow_url_fopen by cURL | ||||
| Description | In OXID eShop, there are some methods to require allow_url_fopen in the PHP configuration of the server. In the shop itself it is actually not a problem because everything is escaped properly via quote() etc. but could become a security problem if modules were not coded properly. Therefore, it is more appreciated, more smart and modern to use methods for cURL instead of allow_url_fopen. | ||||
| Additional Information | http://forum.oxid-esales.com/showthread.php?t=22014 | ||||
| Tags | No tags attached. | ||||
| Theme | Both | ||||
| Browser | All | ||||
| PHP Version | any | ||||
| Database Version | any | ||||
