Reading some news about Httpoxy vulnerability. Apart from server side, is there anything yii users should be taking care?

Samdark confirmed that Yii HTTP Client is not affected by this. Tweet

If you are using other clients make sure these have been fixed or switch to the client mentioned above.


In general one should be careful when relying on $_SERVER data. Yii itself isn’t affected but application code could be.

Thanks. The only $_SERVER data I use is ‘REMOTE_ADDR’, validated by ip validator before saving.