mirror_php/TCPDF
1
0
Fork 0
mirror of https://github.com/tecnickcom/TCPDF.git synced 2025-03-23 23:49:42 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #319 from Ayesh/curl-hardening

Browse Source 
Curl Security: Limit protocols and redirects
This commit is contained in:
Nicola Asuni 2021-03-27 08:36:19 +00:00 committed by GitHub
commit f930ac7cea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/tcpdf_static.php
View File

@ -1842,6 +1842,10 @@ class TCPDF_STATIC {
curl_setopt($crs, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($crs, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($crs, CURLOPT_USERAGENT, 'tc-lib-file');
curl_setopt($crs, CURLOPT_MAXREDIRS, 5);
if (defined('CURLOPT_PROTOCOLS')) {
curl_setopt($crs, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS | CURLPROTO_HTTP | CURLPROTO_FTP | CURLPROTO_FTPS);
}
curl_exec($crs);
$code = curl_getinfo($crs, CURLINFO_HTTP_CODE);
curl_close($crs);
@ -1973,6 +1977,10 @@ class TCPDF_STATIC {
curl_setopt($crs, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($crs, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($crs, CURLOPT_USERAGENT, 'tc-lib-file');
curl_setopt($crs, CURLOPT_MAXREDIRS, 5);
if (defined('CURLOPT_PROTOCOLS')) {
curl_setopt($crs, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS | CURLPROTO_HTTP | CURLPROTO_FTP | CURLPROTO_FTPS);
}
$ret = curl_exec($crs);
curl_close($crs);
if ($ret !== false) {