1a84c758e1
Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
50 lines
837 B
Plaintext
50 lines
837 B
Plaintext
|
|
== How to fix it in Core PHP
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,php,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
$opts = array(
|
|
'ssl' => [
|
|
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT // Noncompliant
|
|
],
|
|
'http'=>array(
|
|
'method'=>"GET"
|
|
)
|
|
);
|
|
|
|
$context = stream_context_create($opts);
|
|
|
|
$fp = fopen('https://www.example.com', 'r', false, $context);
|
|
fpassthru($fp);
|
|
fclose($fp);
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,php,diff-id=1,diff-type=compliant]
|
|
----
|
|
$opts = array(
|
|
'ssl' => [
|
|
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
|
|
],
|
|
'http'=>array(
|
|
'method'=>"GET"
|
|
)
|
|
);
|
|
|
|
$context = stream_context_create($opts);
|
|
|
|
$fp = fopen('https://www.example.com', 'r', false, $context);
|
|
fpassthru($fp);
|
|
fclose($fp);
|
|
----
|
|
|
|
=== How does this work?
|
|
|
|
include::../../common/fix/fix.adoc[]
|
|
|