1. How Can PHP Parse JSON Data from a Post Request in a Secure Way to Avoid Hash DoS Attacks
Updated on: 2022-06-16
Posted on: 2022-06-16
A Hash DoS attack is a security attack that may affect PHP applications that use arrays or objects to pass parameters from clients to PHP using HTTP request variables.
This vulnerability may affect PHP versions that do not avoid collisions of hash data structures that may take many keys that result in the same hash value to determine how PHP's arrays and objects are stored internally.
PHP provides better alternative methods to store arrays and objects more immune to this vulnerability.
This package implements a parser for JSON strings that uses an alternative method to store values or JSON objects passed to PHP from HTTP requests like those used to call APIs implemented in PHP.
More ... Post a comment See comments (0) Trackbacks (0)
This vulnerability may affect PHP versions that do not avoid collisions of hash data structures that may take many keys that result in the same hash value to determine how PHP's arrays and objects are stored internally.
PHP provides better alternative methods to store arrays and objects more immune to this vulnerability.
This package implements a parser for JSON strings that uses an alternative method to store values or JSON objects passed to PHP from HTTP requests like those used to call APIs implemented in PHP.
More ... Post a comment See comments (0) Trackbacks (0)