PrestaShop-webservice-lib Improve security for lib

Questions Answers

Description? Security fix for libxml. Call libxml_disable_entity_loader(true) and add LIBXML_NONET option for simplexml_load_string.

Type? security fix

BC breaks? no

Deprecations? yes - libxml_disable_entity_loader not supported in reent PHP8.x - but protected with LIBXML_VERSION test

Fixed ticket? None

Sponsor company Applied in Dolibarr (not specifically sponsor company).

How to test? Test multiple PHP versions, regression test.

Questions	Answers
Description?	Security fix for libxml. Call libxml_disable_entity_loader(true) and add LIBXML_NONET option for simplexml_load_string.
Type?	security fix
BC breaks?	no
Deprecations?	yes - libxml_disable_entity_loader not supported in reent PHP8.x - but protected with LIBXML_VERSION test
Fixed ticket?	None
Sponsor company	Applied in Dolibarr (not specifically sponsor company).
How to test?	Test multiple PHP versions, regression test.

Dec 22 '23 11:12 mdeweerd

Hi @mdeweerd

Thank for your PR, This PR is too technical for me, ping @PrestaShop/tech-council, can someone please test this PR ?

Thanks

Feb 05 '24 14:02 AureRita

Thank you @mdeweerd and sorry for late merge

Jun 22 '24 19:06 matks

Improve security for lib_xml