Update CraftValetDriver.php

adrum · web-flow · commit ba2d5727ed2c · 2025-05-01T21:59:37.000-04:00
When applying https://github.com/craftcms/security-patches to a Craft project, the fix for [CVE-2024-56145](GHSA-2p6p-9rc9-62j9) breaks sites served by Valet (and Herd). This fix allows these sites to work when using Valet (and Herd).
diff --git a/cli/Valet/Drivers/Specific/CraftValetDriver.php b/cli/Valet/Drivers/Specific/CraftValetDriver.php
@@ -193,6 +193,10 @@ public function frontControllerPath(string $sitePath, string $siteName, string $
         $_SERVER['PHP_SELF'] = $scriptName;
         $_SERVER['DOCUMENT_ROOT'] = $sitePath.'/'.$frontControllerDirectory;
 
+        if (isset($_SERVER['argv'])) {
+            unset($_SERVER['argv']);
+        }
+
         return $indexPath;
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -193,6 +193,10 @@ public function frontControllerPath(string $sitePath, string $siteName, string $`
`193`	`193`	`$_SERVER['PHP_SELF'] = $scriptName;`
`194`	`194`	`$_SERVER['DOCUMENT_ROOT'] = $sitePath.'/'.$frontControllerDirectory;`
`195`	`195`
	`196`	`+ if (isset($_SERVER['argv'])) {`
	`197`	`+ unset($_SERVER['argv']);`
	`198`	`+ }`
	`199`	`+`
`196`	`200`	`return $indexPath;`
`197`	`201`	`}`
`198`	`202`	`}`