Skip to content

"The domain here can be compromised, consider introducing whitelists." But whitelist is in place exactly as recommended #1893

Description

@MHCreations
Subject Details
Plugin Php Inspections (EA Extended) V5.0.0.0
Language level PHP 7.3, PHP 8.0+
PhpStorm Version PhpStorm 2023.1

Current behaviour

Current behaviour highlights risk of using $_SERVER['HTTP_HOST'] and suggests whitelisting.

However, the code in place uses the exact whitelisting method as outlined in the linked documentation.

phpstorm_ea_whitelisting

Syntax tweaks (such as explicitly adding ===true, etc. ) do not effect this issue highlighting.

Expected behaviour

Plugin should recognise when the code is fitting the expected syntax to mitigate the risk highlighted.

Information from Help - About dialog

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions