Update php-scanner.yaml

Fixed the GLOBALS matchers, so that a case like https://srcincite.io/blog/2021/09/30/chasing-a-dream-pwning-the-biggest-cms-in-china.html wouldn't be missed.
2021-09-30 17:43:42 -05:00 · 2021-09-30 17:43:42 -05:00 · aeba0ba1cd
parent 93c2fafc77
commit aeba0ba1cd
1 changed files with 10 additions and 4 deletions
--- a/file/php/php-scanner.yaml
+++ b/file/php/php-scanner.yaml
@ -105,15 +105,21 @@ file:
        regex:
          - 'import_request_variables'
      - type: regex
-        # Avoid use of $GLOBALS
+        # Avoid use of GLOBALS
        regex:
-          - '\\$GLOBALS'
+          - 'GLOBALS'
      - type: regex
        regex:
-          - '\\$_GET'
+          - '_GET'
      - type: regex
        regex:
-          - '\\$_POST'
+          - '_POST'
+      - type: regex
+        regex:
+          - '_COOKIE'
+      - type: regex
+        regex:
+          - '_SESSION'
      - type: regex
        # Ensure the use of type checking validating against booleans (===)
        regex: