docs: add README section on untrusted input (#766)
### Changes

<!--
  Please outline the changes made in this pull request.
-->

This PR updates the README to include a new section on handling input
from untrusted sources.

### References

<!--
  Link to any associated issues, pull requests, or other resources.
-->

### Testing

<!--
  Tests must be added for new functionality.
  Existing tests should complete without errors.
  100% test coverage is required.
-->

### Contributor Checklist

- [x] I agree to adhere to the [Auth0 General Contribution
Guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md).
- [x] I agree to uphold the [Auth0 Code of
Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
evansims committed Jul 12, 2024
1 parent d263216 commit 520b2bf
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions README.md
Expand Up @@ -102,6 +102,10 @@ print_r($auth0->getCredentials()?->user);

If you have questions, the [Auth0 Community](https://community.auth0.com/) is a fantastic resource to ask questions and get help.

## Input from Untrusted Sources

If your application accepts input from untrusted sources (such as query parameters from HTTP requests) please ensure you are following best practices for data validation and sanitization. It is your application's responsibility to ensure any data provided to the SDK is valid and safe. For more information, see the [OWASP Data Validation Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html).

## API Reference

- [API Reference](https://auth0.github.io/auth0-PHP/)
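
Review bot: In the added "Input from Untrusted Sources" paragraph, the link text says "OWASP Data Validation Cheat Sheet" but the URL targets Input_Validation_Cheat_Sheet.html; use the title that matches the target so a reader searching by name lands on the same document. The paragraph also leaves "valid and safe" undefined for this SDK: stating which SDK inputs commonly originate from the HTTP request would tell integrators where validation is expected. Minor: add a comma after the closing parenthesis, before "please".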
Expand All @@ -112,9 +116,9 @@ Our support lifecycle mirrors the [PHP release support schedule](https://www.php

| SDK Version | PHP Version | Support Ends |
| ----------- | ----------- | ------------ |
| 8 | 8.3 | Nov 2026 |
| | 8.2 | Nov 2025 |
| | 8.1 | Nov 2024 |
| 8 | 8.3 | Dec 2027 |
| | 8.2 | Dec 2026 |
| | 8.1 | Dec 2025 |

We drop support for PHP versions when they reach end-of-life and cease receiving security fixes from the PHP Foundation. Please ensure your environment remains up to date so you can continue receiving updates for PHP and this SDK.
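
Review bot: The support table edits (end dates for PHP 8.3, 8.2 and 8.1 moved from Nov 2026/2025/2024 to Dec 2027/2026/2025) fall outside the commit's stated purpose, and the message describes only the untrusted input section. Split them into a separate commit or mention them in the description, and confirm the new dates against the PHP release support schedule linked above the table, since the paragraph that follows ties SDK support to PHP end-of-life and security fixes.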
