如何覆盖Suhosin最大值? [英] How to override suhosin max value?

问题描述

suhosin正在过滤重要的GET参数. 当以下操作不起作用时，如何覆盖suhosin?

An important GET param is being filtered by suhosin. How do I override suhosin when the following does not work?

public_html/php.ini:

[suhosin]
suhosin.get.max_value_length = 2048

将suhosin.get.max_value_length设置为NULL并导致用户会话崩溃.

Sets suhosin.get.max_value_length among others to NULL and crashes user session.

-

public_html/.htaccess:

<IfModule mod_php5.c>
    php_value suhosin.get.max_value_length 2048
</IfModule>

没有效果

-

(系统默认设置为:)

suhosin.get.max_value_length = 512
suhosin.get.max_value_length = 100000

要过滤的GET参数的长度为576个字符.

The GET parameter being filtered is 576 chars long.

推荐答案

我们可以通过重建$ _GET

We can bypass suhosin by re-building the $_GET

// Override suhosin $_GET limitation
  $_GET = array();
  $params = explode('&', $_SERVER['QUERY_STRING']);
  foreach ($params as $pair) {
    list($key, $value) = explode('=', $pair);
    $_GET[urldecode($key)] = urldecode($value);
  }

这篇关于如何覆盖Suhosin最大值?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！