cakephp2-php8

mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 03:18:26 +00:00

History

mark_story 48af49ddde Don't trust CLIENT_IP The client_ip header can easily be forged. In 'safe' modes we should only trust the remote_addr which comes from the sapi. Remove support for http_clientaddress as I can't seem to find where this ever came from in PHP on the http specs.	2016-03-10 22:04:13 -05:00
..
Cake	Don't trust CLIENT_IP	2016-03-10 22:04:13 -05:00

mark_story 48af49ddde Don't trust CLIENT_IP

The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.

2016-03-10 22:04:13 -05:00

Cake

Don't trust CLIENT_IP

2016-03-10 22:04:13 -05:00