Document $php_self_pattern and $php_self_replacement

author pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Wed, 25 Mar 2020 00:20:42 +0000 (00:20 +0000)

committer pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Wed, 25 Mar 2020 00:20:42 +0000 (00:20 +0000)
author pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Wed, 25 Mar 2020 00:20:42 +0000 (00:20 +0000)
committer pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Wed, 25 Mar 2020 00:20:42 +0000 (00:20 +0000)
diff --git a/doc/ChangeLog b/doc/ChangeLog

index 00c90fade11fca06fc64aeecc0edcbdd90fc9cdc..4af06e1754891d898fb3953a1d384a3c5db65a9e 100644 (file)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -431,6 +431,14 @@ Version 1.5.2 - SVN
      (see notes in config/config_local.example.php for more details)
    - Added handling for RCDATA and RAWTEXT elements in HTML sanitizer
      [CVE-2019-12970]
+  - Added the ability to modify of the value of the global $PHP_SELF
+    variable used throughout the SquirrelMail code (though less so
+    in version 1.5.2).  The administrator may do so by adding the
+    configuration settings $php_self_pattern and $php_self_replacement
+    to config/config_local.php, where the pattern should be a full
+    regular expression including the delimiters. This may be helpful
+    when the web server sees traffic from a proxy so the normal
+    $PHP_SELF does not resolve to what it should be for the real client.
  
  Version 1.5.1 (branched on 2006-02-12)
  --------------------------------------
author	pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Wed, 25 Mar 2020 00:20:42 +0000 (00:20 +0000)
committer	pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Wed, 25 Mar 2020 00:20:42 +0000 (00:20 +0000)