*
Transparent Cookie Encryption :!:
*
Protects against different kinds of (Remote-)Include Vulnerabilities
o
disallows Remote URL inclusion (optional: black-/whitelisting)
o
disallows inclusiong of uploaded files
o
optionally stops directory traversal attacks
*
Allows disabling the preg_replace() /e modifier
*
Allows disabling eval()
*
Protects against infinite recursion through a configureabel maximum execution depth
*
Supports per Virtual Host / Directory configureable function black- and whitelists
*
Supports a separated function black- and whitelist for evaluated code
*
Protects against HTTP Response Splitting Vulnerabilities
*
Protects against scripts manipulating the memory_limit
*
Protects PHP‘s superglobals against extract() and import_request_vars()
*
Adds protection against newline attacks to mail()
*
Adds protection against \0 attack on preg_replace()
Rispondi quotando
