Security issues with PHP's Readfile method

Posted 2019-07-16 01:16

Hey. Are there any security issues I should worry about when using the readfile method in PHP? I'd like to use the readfile method that takes in the URL of a file stored on various third party servers. I then serve the file to the user. Intuitively, it would seem that there would be a risk as the URL could point to any file. On the other hand, I'm only using the readfile method (after processing some file-independent data) and I'm not sure if this would allow anything malicious to execute on my server. Also, according to the manual, it seems that if I want to use a URL with readfile, I need to enable fopen wrappers. Thanks.

3 answers

【Aperson】
Reply #2 · 2019-07-16 01:54

I think you just need to focus on two things:

1) Do not allow your users to specify which file is read by readfile. (Potential for directory traversal attacks, etc.)

2) Do not allow the users to modify the file that is read by readfile. (Potential for all kinds of mischief!)

Off the top of my head, those strike me as the two most likely attack vectors you'll encounter regarding readfile.

等我变得足够好
Reply #3 · 2019-07-16 02:02

The biggest security risk is the injection of a malformed request to serve up files from your file. I.e., passing relative paths.

allow_url_fopen is also a security risk if you are not careful. It can allow requests served through readfile(), include(), etc. to interpret PHP code if that's what the request served back.

干净又极端
Reply #4 · 2019-07-16 02:04

readfile does not execute the code on your server so there is no issue there.

However, some strange folks could use your server to perform web requests in order to get your server into trouble by making unauthorized requests or causing overloading, so you'll want to keep that in mind when coding this type of functionality.

according to the manual, it seems that if I want to use a URL with readfile, I need to enable fopen wrappers

Yes, you'll need to make sure that allow_url_fopen is on. If it isn't, you'll have to look into using cURL.

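The risk the answers above describe (user-controlled URLs turning the server into a request proxy, and redirects or hostnames pointing at internal hosts) is usually mitigated by validating the URL before readfile() ever sees it. The following is an added example written for this thread, not code posted by any of the participants; the allowlisted hostnames and the application-specific error handling are assumptions.

```php
<?php
declare(strict_types=1);

// Third-party hosts this application is willing to fetch from (assumed config).
const ALLOWED_HOSTS = ['files.example.com', 'cdn.example.net'];

/**
 * Returns the URL if it may be fetched, or null if it must be refused.
 * Rules: https only, hostname on the allowlist, no userinfo or explicit port,
 * and the hostname must not resolve to a private, loopback or reserved address.
 */
function validate_remote_url(string $url): ?string
{
    $p = parse_url($url);
    if ($p === false || strtolower($p['scheme'] ?? '') !== 'https' || empty($p['host'])) {
        return null;
    }
    // "https://files.example.com@other-host/" parses with 'user' set; refuse it.
    if (isset($p['user']) || isset($p['pass']) || isset($p['port'])) {
        return null;
    }
    if (!in_array(strtolower($p['host']), ALLOWED_HOSTS, true)) {
        return null;
    }
    // SSRF guard: reject allowlisted names that currently resolve to internal space.
    // Note: readfile() resolves again later, so DNS rebinding is only narrowed, not removed.
    foreach (gethostbynamel($p['host']) ?: [] as $ip) {
        $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
        if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
            return null;
        }
    }
    return $url;
}

/** Streams the validated remote file to the client; returns false if nothing was sent. */
function serve_remote_file(string $url): bool
{
    $safe = validate_remote_url($url);
    if ($safe === null) {
        http_response_code(400);
        return false;
    }
    // Redirects are not followed: a 302 from the allowlisted host could otherwise
    // send the request to an arbitrary (possibly internal) destination.
    $ctx = stream_context_create(['http' => [
        'timeout' => 10, 'follow_location' => 0, 'max_redirects' => 0,
    ]]);
    header('Content-Type: application/octet-stream');
    header('X-Content-Type-Options: nosniff');
    return readfile($safe, false, $ctx) !== false;
}
```

Serving the bytes as application/octet-stream with nosniff keeps a fetched file from being rendered as HTML or script in the browser, which addresses the download side of the problem independently of allow_url_fopen.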