7 commits

Author	SHA1	Message	Date
Aryeh Gregor	a15c419b3d	Remove ?>'s from files. They're pointless, and just asking for people to mess with the files and add trailing whitespace. (Yes, I looked over every one and reverted those that were bogus. Slash-enter a million times in less worked well enough, although it was a bit mind-numbing.)	2007-06-29 01:19:14 +00:00
Tim Starling	50eb8b5da4	profiling	2007-04-15 00:20:24 +00:00
Tim Starling	28dc3ec888	* Moved the main ob_start() from the default LocalSettings.php to WebStart.php. ... The ob_start() section should preferably be removed from older LocalSettings.php files. * Give Content-Length header for HTTP/1.0 clients. * Partial support for Flash cross-domain-policy filtering. Text entry points should be protected, but uploads are not.	2007-02-19 23:03:37 +00:00
Ilmari Karonen	305522e4e6	Detect PHP 5.0.x 64-bit bug and abort in WebStart.php; too many things break ... mysteriously otherwise (detection code copied from install-utils.inc)	2006-12-17 13:40:28 +00:00
Brion Vibber	a898dff34e	* Improved register_globals paranoia checks	2006-10-11 18:14:27 +00:00
Tim Starling	558487ceac	Active protection against register_globals vulnerabilities. Unset all globals which have been set by $_REQUEST, in WebStart.php. All entry points must assume that a user can unset any arbitrary global set before WebStart.php is invoked. This is not usually a problem since most entry points do not set globals before WebStart.php, Yuri's APIs apparently being the only exceptions.	2006-10-11 03:44:49 +00:00
Tim Starling	3ea576aa25	Consolidated web initialisation code into includes/WebStart.php. Moved profiling setup to a hook file "StartProfiler.php", following Brion's suggestion to merge Wikimedia's early profiling patch into subversion. Renamed Profiling.php and logProfilingData(), removed unnecessary wfProfileClose() calls.	2006-07-14 05:35:31 +00:00