I am currently using file_get_contents()
to get the title of a webpage, given the URL. On wamp, this works perfectly fine. However, when I shifted this to my web server, I came across a problem which lead me to this answer. (Which is to set allow_url_fopen
to 1
).
Is there a major security risk in setting this on? If yes, are there any alternate ways to grab the title of a webpage from the URL itself?
(Also, unsure of tags for this so please feel free to add/remove if appropriate!)
Edit (1) : Further research lead me to this question, which pretty much says that it is a risk as well, and to disable it if the application does not need it. Unfortunately this does not tell me enough about the risk involved.
Edit (2) : Quick note, I will be using this function with user input (the URL), and not internally, which is why I want to ensure there is absolutely no security risk involved
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With