News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Stefan Esser's Blog:
Suhosin 0.9.21 - XSS Protection
November 30, 2007 @ 11:17:00

Stefan Esser has posted about the release of the latest version of the Suhosin security patch for PHP - version 0.9.21.

It has been a very long time since the last Suhosin extension has been released, but today this has changed with the release of Suhosin 0.9.21. Among the changes are two new features that will protect applications that put to much trust into the SERVER variables from several XSS (and SQL injection) attacks. These features are suhosin.server.strip and suhosin.server.encode.

He details these two features and gives examples of what they protect from. You can find out more about the Suhosin patch on its website.

0 comments voice your opinion now!
xss protection suhosin server strip encode xss protection suhosin server strip encode


blog comments powered by Disqus

Similar Posts

Ibuildings techPortal: Building an Continuous Integration Server for PHP with Hudson

Daniel Krook\'s Blog: Public draft - Developing PHP Applications for IBM Data Servers

Gonzalo Ayuso: Playing with event dispatcher and Silex. Sending logs to a remote server.

Stefan Esser's Blog: Suhosin 0.9.21 - XSS Protection

PHP Web Services Blog: Payload the Way You Want with PHP5 built-in SOAP


Community Events





Don't see your event here?
Let us know!


opinion framework library voicesoftheelephpant version composer application podcast update symfony series community security introduction language tool interview release package laravel

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework