feature: re-enable protected globals

Greg Bowler · Greg Bowler · commit 944a9a535bd7 · 2022-09-25T13:06:42.000+01:00
diff --git a/composer.json b/composer.json
@@ -7,7 +7,6 @@
 	],
 
 	"type": "library",
-
 	"require": {
 		"ext-posix": "*",
 		"ext-dom": "*",
@@ -21,6 +20,7 @@
 		"phpgt/database": "^1.4",
 		"phpgt/http": "^1.1",
 		"phpgt/logger": "^1.0",
+		"phpgt/protectedglobal": "^v1.1",
 		"phpgt/routing": "^1.0",
 		"phpgt/servicecontainer": "^1.1",
 		"phpgt/session": "^1.1",
diff --git a/composer.lock b/composer.lock
diff --git a/src/Middleware/RequestHandler.php b/src/Middleware/RequestHandler.php
@@ -215,20 +215,12 @@ public function handle(
 		$input = new Input($_GET, $_POST, $_FILES);
 		$serviceContainer->set($input);
 
-// TODO: Re-enable protected globals
-//		Protection::removeGlobals($GLOBALS, [
-//			"_GET" => ["xdebug"],
-//		]);
-//		Protection::overrideInternals(
-//			$GLOBALS,
-//			$_ENV,
-//			$_SERVER,
-//			$_GET,
-//			$_POST,
-//			$_FILES,
-//			$_COOKIE,
-//			$_SESSION,
-//		);
+		Protection::overrideInternals(
+			Protection::removeGlobals($GLOBALS, [
+// TODO: Configure the whitelisted globals.
+				"_GET" => ["xdebug"],
+			]
+		));
 
 		$injector = new Injector($serviceContainer);
 
