iniscan icon indicating copy to clipboard operation
iniscan copied to clipboard

Published 20 hours ago verified publisher icon psecio

Duplicate "post_max_size" rule

Open steffenweber opened this issue 10 years ago • 1 comments

This rule exists in two places:

  1. https://github.com/psecio/iniscan/blob/master/src/Psecio/Iniscan/rules.json (twice)
  2. https://github.com/psecio/iniscan/blob/master/src/Psecio/Iniscan/Rule/MaximumPostSize.php
== Executing INI Scan [09.02.2014 12:47:18] ==
...
FAIL   | WARNING  |             | post_max_size            | Unless necessary, a maximum post size of 16M is too large
...
PASS   | WARNING  |             | post_max_size            | A maximum post size should be defined to prevent server overload from large requests
FAIL   | WARNING  |             | post_max_size            | The max upload size should not be too high, to prevent server overload from large requests
...

The first and third warning are duplicates.

steffenweber avatar Sep 02 '14 12:09 steffenweber

Ah, good point - I guess technically it was meant to be two different checks (one to see if it's set, one to see if it's reasonable) but I see no reason why they couldn't be combined into the MaximumPostSize.php and the description changed.

enygma avatar Sep 02 '14 13:09 enygma