diff options
| author | Christoph M. Becker <cmbecker69@gmx.de> | 2016-09-26 18:43:03 +0200 |
|---|---|---|
| committer | Christoph M. Becker <cmbecker69@gmx.de> | 2016-09-26 18:43:03 +0200 |
| commit | 5e102d5685a1bb2cf14dcc08728e6a2e6dcea18a (patch) | |
| tree | ddef533a4b8c9654016ed2a1cd012bf8eb2c014c | |
| parent | eaee65080ee504f70f663c75c3e17de5125cba85 (diff) | |
| parent | 4f0960a800202323ac0b9d1d8041ad8dce31db98 (diff) | |
| download | php-git-5e102d5685a1bb2cf14dcc08728e6a2e6dcea18a.tar.gz | |
Merge branch 'PHP-5.6' into PHP-7.0
| -rw-r--r-- | php.ini-development | 12 | ||||
| -rw-r--r-- | php.ini-production | 12 |
2 files changed, 24 insertions, 0 deletions
diff --git a/php.ini-development b/php.ini-development index fe9942d83d..c1f92c6c0d 100644 --- a/php.ini-development +++ b/php.ini-development @@ -759,6 +759,11 @@ enable_dl = Off ; http://php.net/cgi.fix-pathinfo ;cgi.fix_pathinfo=1 +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate ; security tokens of the calling client. This allows IIS to define the ; security context that the request runs under. mod_fastcgi under Apache @@ -779,6 +784,13 @@ enable_dl = Off ; http://php.net/cgi.rfc2616-headers ;cgi.rfc2616_headers = 0 +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; diff --git a/php.ini-production b/php.ini-production index 35a4ddd85a..a2c3240aaa 100644 --- a/php.ini-production +++ b/php.ini-production @@ -759,6 +759,11 @@ enable_dl = Off ; http://php.net/cgi.fix-pathinfo ;cgi.fix_pathinfo=1 +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate ; security tokens of the calling client. This allows IIS to define the ; security context that the request runs under. mod_fastcgi under Apache @@ -779,6 +784,13 @@ enable_dl = Off ; http://php.net/cgi.rfc2616-headers ;cgi.rfc2616_headers = 0 +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; |