PHP Library for Safe & Sandboxed PHP

I need a sandboxed environment.

Sandboxed Templating Engines

One option was templating engines in PHP: Blade (Laravel), Twig (Sandboxed), Latte (Sandboxed), Plates, Volt, to name a few. And on how Latte is the most secure: Quiz: Can you defend against XSS vulnerability? – Nette Blog

Fabien Potencier's analysis from 2009 and the necessity of a sandbox mode, Templating Engines in PHP | Articles, that is, how he took over Twig.

Sandboxed PHP

I need to allow absolutely all WP functions and only specify which ones are forbidden, i.e. blacklisted.

The absolute standard here is Corveda/PHPSandbox: A PHP-based sandboxing library with a full suite of configuration and validation options.

A super small and fast one is apioo/psx-sandbox: Execute PHP code in a sandbox, but it has no blacklisting, only whitelisting.

Also, I can check syntax and security before saving with a linter as well: overtrue/phplint: 🐛 A tool that can speed up linting of php files by running several lint processes at once. But I assume that can be done with PHPStan too.

Blacklisted functions in WP and PHP

These are the functions I should skip: Be Watchful: PHP And WordPress Functions That Can Make Your Site Insecure — Smashing Magazine and XSS Attack in WordPress : The Developer’s Guide on how to prevent one • WPShout

date 08. Nov 2023 | modified 29. Dec 2023
filename: PHP » Sandboxed Safe PHP