From c651dbb798b3ff4735fc64b3f0779810ee965b31 Mon Sep 17 00:00:00 2001
From: SilverFire - Dmitry Naumenko <d.naumenko.a@gmail.com>
Date: Sun, 22 Nov 2015 17:13:51 +0200
Subject: [PATCH] Added `yii\web\ErrorHandler::loggableGlobals`, removed
 `$_ENV` and `$_SERVER` from dumping by default

---
 framework/CHANGELOG.md         |  1 +
 framework/web/ErrorHandler.php | 14 +++++++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/framework/CHANGELOG.md b/framework/CHANGELOG.md
index 717fc3f..1280bc0 100644
--- a/framework/CHANGELOG.md
+++ b/framework/CHANGELOG.md
@@ -72,6 +72,7 @@ Yii Framework 2 Change Log
 - Chg #9369: `Yii::$app->user->can()` now returns `false` instead of erroring in case `authManager` component is not configured (creocoder)
 - Chg #9411: `DetailView` now automatically sets container tag ID in case it's not specified (samdark)
 - Chg #9953: `TimestampBehavior::getValue()` changed to make value processing consistent with `AttributeBehavior::getValue()` (silverfire)
+- Chg #6419: Added `yii\web\ErrorHandler::loggableGlobals` to make list logging global variables customizable. `$_ENV` and `$_SERVER` are not logged by default anymore (silverfire)
 - New #10083: Added wrapper for PHP webserver (samdark)
 - New: Added new requirement: ICU Data version >= 49.1 (SilverFire)
 
diff --git a/framework/web/ErrorHandler.php b/framework/web/ErrorHandler.php
index 53d0b1f..bb9f9c3 100644
--- a/framework/web/ErrorHandler.php
+++ b/framework/web/ErrorHandler.php
@@ -59,7 +59,13 @@ class ErrorHandler extends \yii\base\ErrorHandler
      * @var string the path of the view file for rendering previous exceptions.
      */
     public $previousExceptionView = '@yii/views/errorHandler/previousException.php';
-
+    /**
+     * @var array the variables that will be dumped from the $GLOBALS array.
+     * Defaults to: `['_GET', '_POST', '_FILES', '_COOKIE', '_SESSION']`
+     * @see renderRequest()
+     * @since 2.0.7
+     */
+    public $loggableGlobals = ['_GET', '_POST', '_FILES', '_COOKIE', '_SESSION'];
 
     /**
      * Renders the exception.
@@ -289,13 +295,15 @@ class ErrorHandler extends \yii\base\ErrorHandler
     }
 
     /**
-     * Renders the request information.
+     * Renders the global variables of the request.
+     * List of global variables is defined in [[loggableGlobals]].
      * @return string the rendering result
+     * @see loggableGlobals
      */
     public function renderRequest()
     {
         $request = '';
-        foreach (['_GET', '_POST', '_SERVER', '_FILES', '_COOKIE', '_SESSION', '_ENV'] as $name) {
+        foreach ($this->loggableGlobals as $name) {
             if (!empty($GLOBALS[$name])) {
                 $request .= '$' . $name . ' = ' . VarDumper::export($GLOBALS[$name]) . ";\n\n";
             }