Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A way to store values in $_ENV but not $_SERVER #196

Closed
benjaminkohl opened this issue Sep 9, 2016 · 2 comments
Closed

A way to store values in $_ENV but not $_SERVER #196

benjaminkohl opened this issue Sep 9, 2016 · 2 comments

Comments

@benjaminkohl
Copy link

It was brought to our attention that the $_SERVER super global's contents are dumped to the browser console when a particular CMS is in development mode. While we only do this on the dev site, we'd still like to keep our DB credentials out of the browser console.

Is there a way to make dotenv put/get from $_ENV entirely and not make any changes to $_SERVER?
@theofidry theofidry mentioned this issue Nov 12, 2016
Closed
@stedaniels
Copy link

See #200 this would mitigate this potential vulnerability in the CMS. Hopefully it'll get merged.

@schmunk42 schmunk42 mentioned this issue Jan 16, 2017
Closed
@GrahamCampbell
Copy link
Collaborator

Done in #300. See https://github.com/vlucas/phpdotenv#loader-customization for an example.

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@benjaminkohl @stedaniels @GrahamCampbell