PHP :: Request #30400 :: Option to disable full path disclosure on errors

Option to disable full path disclosure on errors

Submitted:

2004-10-11 18:42 UTC

Modified:

2013-10-28 11:03 UTC

Votes:	3
Avg. Score:	4.7 ± 0.5
Reproduced:	2 of 2 (100.0%)
Same Version:	2 (100.0%)
Same OS:	2 (100.0%)

From:

dari at nukedgallery dot net

Assigned:

krakjoe (profile)

Status:

Closed

Package:

*General Issues

PHP Version:

4.3.9

OS:

Linux/Windows

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	dari at nukedgallery dot net
New email:
PHP Version:		OS:

New Comment:

[2004-10-11 18:42 UTC] dari at nukedgallery dot net

Description:
------------
The one issue that continues to bug (no pun intended) me is the issue of full path disclosures in PHP.  Perhaps there should be some "debug only" or "admin only" type of option that can be enabled/disabled by the administrator.  if enabled, the full path would be shown (useful for hunting down bugs in software). if disabled, either 1) only the relative path would be shown, or 2) only the filename would be shown.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2013-10-28 11:03 UTC] krakjoe@php.net

-Status: Open +Status: Closed -Package: Feature/Change Request +Package: *General Issues -Assigned To: +Assigned To: krakjoe

[2013-10-28 11:03 UTC] krakjoe@php.net

This is not a problem for us to solve; if paths being exposed is a security concern in your environment then prepare your application to never expose paths.

Closing the request.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Aug 14 04:00:03 2025 UTC