Hi Jan,
On Thu, Feb 26, 2015 at 12:07 AM, Jan Ehrhardt <php...@ehrhardt.nl> wrote:
> Yasuo Ohgaki in php.internals (Wed, 25 Feb 2015 19:07:05 +0900):
> >I understand people do all kinds of things.
> >Therefore, I'm allowing
> >
> >ini_set('zend.script_extension', ''); // Disable protections at all.
> >
> >It's users choice if they use systematically secure configuration or not.
> >However, providing systematically secure method/configuration is our
> >responsibility. IMHO.
>
> It woould be far better if you could adjust the zend.script_extension
> setting through .htaccess. Then frameworks can easily switch to the new
> system without any code changes at all.
>
> PHP_INI_ALL suggests it should be possible with .htaccess. If so, how?
>
I probably don't understand your question. We already have php_value and
php_admin_value
to change INI value in .htaccess (and like).
php_value "zend.script_extensions" ".php .myext" # Works like globals
ini_set()
php_admin_value "zend.script_extensions" ".php .myext" # The same as
above, except script cannot change this setting.
Did you mean this feature is needed? If so, we already have.
Regards,
--
Yasuo Ohgaki
yohg...@ohgaki.net
