-- Matthew Weier O'Phinney <[EMAIL PROTECTED]> wrote
(on Thursday, 24 July 2008, 08:29 AM -0400):
> -- Bruno Friedmann <[EMAIL PROTECTED]> wrote
> (on Thursday, 24 July 2008, 11:05 AM +0200):
> > till wrote:
> > What I've found sound strange to me ... sorry
> > never see this before ... :-)
> >
> > [error] [client 127.0.0.1] ALERT - Include filename
> > ('zend.view:///home/bruno/workspace/socketfinder/sf/application/modules/default/views/scripts/index/index.phtml')
> > is an URL that
> > is not allowed (attacker '127.0.0.1', file
> > '/ioda/data/web-include/ZF/library/Zend/View.php', line 105)
>
> Aha! I added what was supposed to be an optional streams layer for
> Zend_View to allow using short tags when short tags are disabled.
> However, it's supposed to be off by default.
>
> I'll correct this in svn today -- thanks for the report!
I've filed an issue if you want to vote or watch on it:
http://framework.zend.com/issues/browse/ZF-3739
--
Matthew Weier O'Phinney
Software Architect | [EMAIL PROTECTED]
Zend Framework | http://framework.zend.com/
