Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is allow_url_fopen safe? [duplicate]

Tags:

I am currently using file_get_contents() to get the title of a webpage, given the URL. On wamp, this works perfectly fine. However, when I shifted this to my web server, I came across a problem which lead me to this answer. (Which is to set allow_url_fopen to 1).

Is there a major security risk in setting this on? If yes, are there any alternate ways to grab the title of a webpage from the URL itself?

(Also, unsure of tags for this so please feel free to add/remove if appropriate!)

Edit (1) : Further research lead me to this question, which pretty much says that it is a risk as well, and to disable it if the application does not need it. Unfortunately this does not tell me enough about the risk involved.

Edit (2) : Quick note, I will be using this function with user input (the URL), and not internally, which is why I want to ensure there is absolutely no security risk involved