besime
Reputation: 63
codeigniter benchmark {memory_usage} security
I'm making a website with codeigniter.
If a user writes {memory_usage} in his comment 2.75MB will be shown to him. doesn't it bring security vulnerability to codes written by codeigniter? Any reasonable(and common) way to prevent such problem?
Upvotes: 3
Views: 603
Answers (1)
doitlikejustin
Reputation: 6353
Add this to your controller:
$this->output->parse_exec_vars = FALSE;
Parsing Execution Variables
CodeIgniter will parse the pseudo-variables
{elapsed_time}and{memory_usage}in your output by default. To disable this, set the$parse_exec_varsclass property toFALSEin your controller.
Update, you may need to modify a core file in /system/core/Output.php
Change:
protected $parse_exec_vars = TRUE;
To:
public $parse_exec_vars = TRUE;
Now you will be able to set $this->output->parse_exec_vars to FALSE in your controller.
Upvotes: 2
Related Questions
- Allow Memory Size Codeigniter 4
- Codeigniter: Profiling and Performance
- CodeIgniter: Allowed memory exhausted
- Application Profiling: Memory Usage
- Sudden PHP Memory Leak in Codeigniter
- How can I determine CodeIgniter speed?
- Benchmarking in Code Igniter
- PHP codeigniter Memory usage around 4mb
- How do I flush memory use in CodeIgniter
- Insight into memory usage of a few web applications I have