PHP 7's security improved unserialize() function
PHP 7 has introduced options parameter in infamously abused unserialize function. This options parameter enables developers to explicitly define allowed classes to prevent potential code injections.
Hope other languages can inherit from this approach.
http://php.net/manual/en/function.unserialize.php
Hope other languages can inherit from this approach.
http://php.net/manual/en/function.unserialize.php
Comments
Post a Comment