Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: add README section on untrusted input #766

Merged
merged 2 commits into from
Jul 12, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 7 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,10 @@ print_r($auth0->getCredentials()?->user);

If you have questions, the [Auth0 Community](https://community.auth0.com/) is a fantastic resource to ask questions and get help.

## Input from Untrusted Sources

If your application accepts input from untrusted sources (such as query parameters from HTTP requests) please ensure you are following best practices for data validation and sanitization. It is your application's responsibility to ensure any data provided to the SDK is valid and safe. For more information, see the [OWASP Data Validation Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html).

## API Reference

- [API Reference](https://auth0.github.io/auth0-PHP/)
Expand All @@ -112,9 +116,9 @@ Our support lifecycle mirrors the [PHP release support schedule](https://www.php

| SDK Version | PHP Version | Support Ends |
| ----------- | ----------- | ------------ |
| 8 | 8.3 | Nov 2026 |
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updating community EOL dates while here

| | 8.2 | Nov 2025 |
| | 8.1 | Nov 2024 |
| 8 | 8.3 | Dec 2027 |
| | 8.2 | Dec 2026 |
| | 8.1 | Dec 2025 |

We drop support for PHP versions when they reach end-of-life and cease receiving security fixes from the PHP Foundation. Please ensure your environment remains up to date so you can continue receiving updates for PHP and this SDK.

Expand Down
Loading