PHP Classes

File: SECURITY.md

Recommend this page to a friend!
  Classes of Lars Moelleken   Portable UTF-8   SECURITY.md   Download  
File: SECURITY.md
Role: Auxiliary data
Content type: text/markdown
Description: Auxiliary data
Class: Portable UTF-8
Manipulate UTF-8 text strings in pure PHP
Author: By
Last change: Update of SECURITY.md
Date: 3 years ago
Size: 641 bytes
 

Contents

Class file image Download

Security Policy

Supported Versions

Please use the latest release you can find in the CHANGELOG.md.

Reporting a Vulnerability

Please disclose any vulnerabilities found responsibly - report any security problems found to the maintainers privately. For example you can write me a email: lars@moelleken.org

Known vulnerabilities

Portable UTF-8 versions prior to 5.4.26 (released 2019-11-05) have an open redirect vulnerability. The Bootup::filterRequestUri() method used a unsecure header('Location ... implentation. And because it's most secure to not use this method at all, I decided to disable the function by default.