Yasuo Ohgaki in php.internals (Wed, 25 Feb 2015 19:07:05 +0900):
>I understand people do all kinds of things.
>Therefore, I'm allowing
>
>ini_set('zend.script_extension', ''); // Disable protections at all.
>
>It's users choice if they use systematically secure configuration or not.
>However, providing systematically secure method/configuration is our
>responsibility. IMHO.It woould be far better if you could adjust the zend.script_extension setting through .htaccess. Then frameworks can easily switch to the new system without any code changes at all. PHP_INI_ALL suggests it should be possible with .htaccess. If so, how? Jan -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
