head 1.1; access; symbols pkgsrc-2026Q1:1.1.0.52 pkgsrc-2026Q1-base:1.1 pkgsrc-2025Q4:1.1.0.50 pkgsrc-2025Q4-base:1.1 pkgsrc-2025Q3:1.1.0.48 pkgsrc-2025Q3-base:1.1 pkgsrc-2025Q2:1.1.0.46 pkgsrc-2025Q2-base:1.1 pkgsrc-2025Q1:1.1.0.44 pkgsrc-2025Q1-base:1.1 pkgsrc-2024Q4:1.1.0.42 pkgsrc-2024Q4-base:1.1 pkgsrc-2024Q3:1.1.0.40 pkgsrc-2024Q3-base:1.1 pkgsrc-2024Q2:1.1.0.38 pkgsrc-2024Q2-base:1.1 pkgsrc-2024Q1:1.1.0.36 pkgsrc-2024Q1-base:1.1 pkgsrc-2023Q4:1.1.0.34 pkgsrc-2023Q4-base:1.1 pkgsrc-2023Q3:1.1.0.32 pkgsrc-2023Q3-base:1.1 pkgsrc-2023Q2:1.1.0.30 pkgsrc-2023Q2-base:1.1 pkgsrc-2023Q1:1.1.0.28 pkgsrc-2023Q1-base:1.1 pkgsrc-2022Q4:1.1.0.26 pkgsrc-2022Q4-base:1.1 pkgsrc-2022Q3:1.1.0.24 pkgsrc-2022Q3-base:1.1 pkgsrc-2022Q2:1.1.0.22 pkgsrc-2022Q2-base:1.1 pkgsrc-2022Q1:1.1.0.20 pkgsrc-2022Q1-base:1.1 pkgsrc-2021Q4:1.1.0.18 pkgsrc-2021Q4-base:1.1 pkgsrc-2021Q3:1.1.0.16 pkgsrc-2021Q3-base:1.1 pkgsrc-2021Q2:1.1.0.14 pkgsrc-2021Q2-base:1.1 pkgsrc-2021Q1:1.1.0.12 pkgsrc-2021Q1-base:1.1 pkgsrc-2020Q4:1.1.0.10 pkgsrc-2020Q4-base:1.1 pkgsrc-2020Q3:1.1.0.8 pkgsrc-2020Q3-base:1.1 pkgsrc-2020Q2:1.1.0.6 pkgsrc-2020Q2-base:1.1 pkgsrc-2020Q1:1.1.0.2 pkgsrc-2020Q1-base:1.1 pkgsrc-2019Q4:1.1.0.4 pkgsrc-2019Q4-base:1.1; locks; strict; comment @# @; 1.1 date 2019.12.15.17.56.34; author taca; state Exp; branches; next ; commitid jVQkc3fk7zZvuPOB; desc @@ 1.1 log @lang/php74: Add php74 version 7.4.0 pacakge. Add php74 version 7.4.0 pacakge based on php73. PHP is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. It is modular, and object-oriented. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The language is designed to allow web developers to write dynamically generated pages quickly. PHP 7.4 comes with numerous improvements and new features such as * Typed Properties * Arrow Functions * Limited Return Type Covariance and Argument Type Contravariance * Unpacking Inside Arrays * Numeric Literal Separator * Weak References * Allow Exceptions from __toString() * Opcache Preloading * Several Deprecations * Extensions Removed from the Core @ text @$NetBSD$ Add build-time disable option for dangerous php://filter URL php://filter URL is a feature documented here: http://php.net/manual/en/wrappers.php.php Unfortunately, it allows remote control of include() behavior beyond what many developpers expected, enabling easy dump of PHP source files. The administrator may want to disable the feature for security sake, and this patch makes that possible. --- ext/standard/php_fopen_wrapper.c.orig 2019-11-19 10:24:58.000000000 +0000 +++ ext/standard/php_fopen_wrapper.c @@@@ -338,6 +338,7 @@@@ php_stream * php_stream_url_wrap_php(php "[%d]: %s", fildes_ori, errno, strerror(errno)); return NULL; } +#ifndef DISABLE_FILTER_URL } else if (!strncasecmp(path, "filter/", 7)) { /* Save time/memory when chain isn't specified */ if (strchr(mode, 'r') || strchr(mode, '+')) { @@@@ -380,6 +381,7 @@@@ php_stream * php_stream_url_wrap_php(php } return stream; +#endif /* !DISABLE_FILTER_URL */ } else { /* invalid php://thingy */ php_error_docref(NULL, E_WARNING, "Invalid php:// URL specified"); @