PHPDeveloper.org: Stefan Esser's Blog: Suhosin 0.9.21 - XSS Protection

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

Job Posting: Kodak Graphic Communications Group Seeks PHP Application Developer (Stamford, CT)

Job Posting: RJ Byrd (Recruiter) Seeks PHP Application Developer (Dallas, TX)

News Archive

IBM developerWorks: 30 game scripts you can write in PHP, Part 1: Creating 10 fundamental scripts

WebReference.com: Administering RBAC in PHP 5 CMS Framework

Douglas Clifton's Blog: PHP Specificity (a Five-part Series)

PHPro.org: Class Hierachies And Overriding

Hiveminds: PHP is a skill not a profession

Site News: Blast from the Past - One Year Ago in PHP

Zend Developer Zone: Dynamically Generating PDF Files with PHP and Haru

Jani Hartikainen's Blog: Base classes in OOP programming languages

Community News: PHP Quebec 2009 Schedule Announced

Community News: Latest Releases from PHPClasses.org

Stefan Esser's Blog:
Suhosin 0.9.21 - XSS Protection

by Chris Cornutt November 30, 2007 @ 11:17:00

Stefan Esser has posted about the release of the latest version of the Suhosin security patch for PHP - version 0.9.21.

It has been a very long time since the last Suhosin extension has been released, but today this has changed with the release of Suhosin 0.9.21. Among the changes are two new features that will protect applications that put to much trust into the SERVER variables from several XSS (and SQL injection) attacks. These features are suhosin.server.strip and suhosin.server.encode.

He details these two features and gives examples of what they protect from. You can find out more about the Suhosin patch on its website.

0 comments voice your opinion now!
xss protection suhosin server strip encode xss protection suhosin server strip encode

Similar Posts

Stefan Esser's Blog: Suhosin 0.9.21 - XSS Protection

Greg Beaver's Blog: Chiara_PEAR_Server 0.18.7 released - a must-upgrade!

Markus Wolff's Blog: Zend Framework CLA

Netmag.co.uk: Make your own Soap

PeterGuy.com: How to install PHP 5.x on Windows Server 2003 with IIS 6

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework