Answers for "Please specify classes allowed for unserialization in 2nd argument"

1

Please specify classes allowed for unserialization in 2nd argument

PHP supports a method known as 'serialize (Object)' that is used to serialize 
the object. In PHP 7, an additional security feature has been added by 
introducing filtering 'unserialize (arg1, arg2)' method. This feature seeks 
to provide better security when unserializing objects on untrusted data. It 
prevents possible code injections by enabling the developer to whitelist 
classes that can be unserialized.

$data = unserialize($serializeObj, ["allowed_classes" => true]);
Posted by: Guest on December-07-2020

Code answers related to "Please specify classes allowed for unserialization in 2nd argument"

Browse Popular Code Answers by Language