unserialize() is insecure unless allowed classes are limited.

Created on 11 July 2023, 12 months ago

Problem/Motivation

In AssetData.php, PHPCS throws the errors:

FILE: C:\xampp\htdocs\backendassignment\web\modules\contrib\media_acquiadam\src\AssetData.php
------------------------------------------------------------------------------------------------------------------------------------------------
FOUND 4 ERRORS AFFECTING 4 LINES
------------------------------------------------------------------------------------------------------------------------------------------------
   1 | ERROR | [x] End of line character is invalid; expected "\n" but found "\r\n"
  90 | ERROR | [ ] unserialize() is insecure unless allowed classes are limited. Use a safe format like JSON or use the allowed_classes option.
 103 | ERROR | [ ] unserialize() is insecure unless allowed classes are limited. Use a safe format like JSON or use the allowed_classes option.
 111 | ERROR | [ ] unserialize() is insecure unless allowed classes are limited. Use a safe format like JSON or use the allowed_classes option.
------------------------------------------------------------------------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
------------------------------------------------------------------------------------------------------------------------------------------------

Steps to reproduce

Run the phpcs command on the module.

Proposed resolution

Set the 'allowed_classes' option to false.

Remaining tasks

User interface changes

API changes

Data model changes

📌 Task

Status

Closed: won't fix

Version

2.0

Component

Code

Created by

🇮🇳India sidharth_soman Bangalore

Live updates comments and jobs are added and updated live.

Coding standards
It involves compliance with, or the content of coding standards. Requires broad community agreement.

Comments & Activities

Issue created by @sidharth_soman
Issue was unassigned.
Status changed to Needs review 12 months ago5:24am 11 July 2023
Open in Jenkins → Open on Drupal.org →
Core: 10.0.7 + Environment: PHP 8.1 & MySQL 5.7
last update 12 months ago
65 pass
Comment 12 months ago →
🇮🇳India sidharth_soman Bangalore
The issue has been fixed. Please review the patch.
Status changed to Closed: won't fix 12 months ago7:15pm 11 July 2023
Comment 12 months ago →
🇺🇸United States japerry KVUO
The data coming from the database is already sanitized. this is not needed.

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024