Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
better security for public/stream.php
  • Loading branch information
Athlon1600 committed Mar 9, 2022
1 parent c7a14c5 commit 6ffe823
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions src/YouTubeStreamer.php
Expand Up @@ -81,8 +81,13 @@ public function stream($url)
curl_setopt($ch, CURLOPT_BUFFERSIZE, $this->buffer_size);
curl_setopt($ch, CURLOPT_URL, $url);

// https://php.watch/articles/php-curl-security-hardening#curl-protocols
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);

//curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);

// we deal with this ourselves
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
Expand Down

0 comments on commit 6ffe823

Please sign in to comment.