From d7f69d8046516337fb31888d6c265f83109c8d99 Mon Sep 17 00:00:00 2001
From: Jelle van der Waa <jelle@archlinux.org>
Date: Sat, 2 Oct 2021 16:39:20 +0200
Subject: [PATCH] flyspray: don't allow fopen to open urls

---
 roles/flyspray/templates/php-fpm.conf.j2 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/flyspray/templates/php-fpm.conf.j2 b/roles/flyspray/templates/php-fpm.conf.j2
index beee2c0bd..83a467b14 100644
--- a/roles/flyspray/templates/php-fpm.conf.j2
+++ b/roles/flyspray/templates/php-fpm.conf.j2
@@ -22,3 +22,4 @@ php_admin_value[opcache.max_accelerated_files] = 200
 php_admin_value[opcache.revalidate_freq] = 60
 php_admin_value[opcache.fast_shutdown] = 1
 php_admin_value[disable_functions] = virtual, dl, suexec, popen, proc_nice, proc_open, proc_terminate, exec, passthru, system, show_source, shell_exec, escapeshellcmd, escapeshellarg
+php_admin_flag[allow_url_fopen] = off
-- 
GitLab