Home/ Questions/Q 511771
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T07:15:04+00:00

I just noticed a PHP config parameter called allow_url_include , which allows you to

  • 0

I just noticed a PHP config parameter called allow_url_include, which allows you to include a PHP file hosted elsewhere as you would a locally. This seems like a bad idea, but “why is this bad” is too easy a question.

So, my question: When would this actually be a good option? When it would actually be the best solution to some problem?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Contrary to the other responders here, I’m going to go with “No”. I can’t think of any situation where this would make a good idea.

    Some quick responses to the other ideas:

    • Licensing : would be very easy to circumvent
    • Single library for multiple servers: I’m sorry but this is a very dumb solution to something that should be solved by syncing files from for example a
      • sourcecontrol system
      • packaging / distribution system
      • build system
      • or a remote filesystem. NFS was mentioned
    • Remote library from google: nobody has a benefit to a slow non-caching PHP library loading over PHP. This is not (asynchronous) javascript

    I think I covered all of them..

    Now..

    your question was about ‘including a file hosted elsewhere’, which I think you should never attempt. However, there are uses for allow_url_include. This setting covers more than just http://. It also covers user-defined protocol handlers, and I believe even phar://. For these there a quite a bit of valid uses.

    • 0