https://www.mediawiki.org/wiki/Special:Code/MediaWiki/114324
Revision: 114324
Author: dantman
Date: 2012-03-20 22:58:34 +0000 (Tue, 20 Mar 2012)
Log Message:
-----------
Security paranoia, reject requests to router.php that aren't from the
cli-server sapi.
Modified Paths:
--------------
trunk/phase3/maintenance/dev/includes/router.php
Modified: trunk/phase3/maintenance/dev/includes/router.php
===================================================================
--- trunk/phase3/maintenance/dev/includes/router.php 2012-03-20 22:53:41 UTC
(rev 114323)
+++ trunk/phase3/maintenance/dev/includes/router.php 2012-03-20 22:58:34 UTC
(rev 114324)
@@ -3,6 +3,10 @@
# Router for the php cli-server built-in webserver
# http://ca2.php.net/manual/en/features.commandline.webserver.php
+if ( php_sapi_name() != 'cli-server' ) {
+ die( "This script can only be run by php's cli-server sapi." );
+}
+
ini_set('display_errors', 1);
error_reporting(E_ALL);
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
