On 30 July 2015 19:25:47 BST, Anthony Ferrara <ircmax...@gmail.com> wrote: > I thought SOAP was dead already.
Tell that to the "Enterprises" who drag and drop in Visual Studio to create useless wrappers around hand-written XML because that's their definition of "web service". :P I don't fully understand where this vulnerability kicks in (other than <! ENTITY> which I don't think I've ever needed to consume) but any change in default behaviour needs to account for real-life usage, or it will simply become standard practice to switch it back to "insecure" mode. Regards, -- Rowan Collins [IMSoP] -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
