php.ini for production
Ryan Schmidt
ryandesign at macports.org
Sun Sep 6 04:34:14 PDT 2009
On Sep 6, 2009, at 01:21, Scott Haneda wrote:
> Does anyone know more about why in php.ini for production the below
> is set?
> request_order = "GP"
>
> This makes $_REQUEST not contain cookies, which for one reason or
> another took me a long time to pin down. I can not really think of
> why this would be a bad thing to have C or S in that list for that
> matter.
Googling for 'request_order = "GP"' I found this explanation which is
quite detailed:
http://www.suspekt.org/2008/10/01/php-53-and-delayed-cross-site-request-forgerieshijacking/
I had no idea! Looks like it's a good idea they've changed it.
More information about the macports-dev
mailing list