PHP
246, 2014-05-03 11:30:49

How to protect a web application written in PHP against injection of external XML entities?

Hello.
You need to protect your web application (written in PHP using Symfony 2.0.18) against injection of external XML entities. Namely, according to the recommendation, "prohibit support for external entities (External Entity), external parameters of entities (External Parameter Entity) and external DTDs (External Doctype)".
The simplexml_load_string command, which is used in particular in the phpexcel module, is potentially dangerous.
Is it enough to use the libxml_disable_entity_loader(true) function? And where in the project should it be executed?
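
An added example, not part of the original question and not Symfony or PHPExcel code: a wrapper that applies libxml_disable_entity_loader(true) around a single parse and also rejects any DOCTYPE, which goes slightly beyond the function named in the question. The helper name safe_simplexml_load_string() and the sample documents are assumptions made for illustration.

```php
<?php
// Added example; safe_simplexml_load_string() is a hypothetical helper name.
function safe_simplexml_load_string($xml)
{
    if (!is_string($xml) || trim($xml) === '') {
        throw new InvalidArgumentException('Empty XML');
    }
    // libxml older than 2.9.0 can load external entities by default, so
    // disable the loader for this parse and remember the previous setting.
    $legacy = LIBXML_VERSION < 20900;
    if ($legacy) {
        $previous = libxml_disable_entity_loader(true);
    }
    $useErrors = libxml_use_internal_errors(true);

    $dom = new DOMDocument();
    // LIBXML_NONET forbids network access. LIBXML_NOENT and LIBXML_DTDLOAD
    // are deliberately not passed: no entity substitution, no external DTD.
    $ok = $dom->loadXML($xml, LIBXML_NONET);

    libxml_clear_errors();
    libxml_use_internal_errors($useErrors);
    if ($legacy) {
        // Restore the setting: a disabled loader also breaks legitimate
        // file-based loads such as simplexml_load_file() elsewhere.
        libxml_disable_entity_loader($previous);
    }
    if (!$ok) {
        throw new InvalidArgumentException('Malformed XML');
    }
    // Reject every DOCTYPE: that covers external DTDs, external entities
    // and external parameter entities in one check.
    foreach ($dom->childNodes as $child) {
        if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
            throw new InvalidArgumentException('DOCTYPE is not allowed');
        }
    }
    return simplexml_import_dom($dom);
}

// Constructed sample inputs (the entity below is internal and harmless).
$plain   = '<?xml version="1.0"?><sheet><cell>42</cell></sheet>';
$withDtd = '<?xml version="1.0"?><!DOCTYPE sheet [<!ENTITY e "x">]><sheet>&e;</sheet>';

echo safe_simplexml_load_string($plain)->cell, "\n";
try {
    safe_simplexml_load_string($withDtd);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

A wrapper like this only covers call sites that use it; parsing done inside third-party code needs the loader disabled before that code runs, with the side effect on file-based loads noted in the comments.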
