1. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 8/16/2019 12:01:55 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

1.1 Files compared

#	Location	File	Last Modified
1	Direct_DSM.zip\Direct_DSM\api\application\config	config.php	Tue Aug 13 17:30:18 2019 UTC
2	Direct_DSM.zip\Direct_DSM\api\application\config	config.php	Wed Aug 14 12:29:15 2019 UTC

1.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	914
Changed	1	2
Inserted	0	0
Removed	0	0

1.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

1.4 Active regular expressions

No regular expressions were active.

1.5 Comparison detail

	1	<?php if ( ! define d('BASEPAT H')) exit( 'No direct script ac cess allow ed');
	2
	3	/**
	4	* @package direct-as -a-service
	5	* @subpack age config
	6	//* */
	7
	8	/**
	9	* Base Sit e URL
	10	*
	11	* URL to y our CodeIg niter root . Typicall y this wil l be your base URL,
	12	* WITH a t railing sl ash:
	13	*
	14	* ht tp://examp le.com/
	15	*
	16	* If this is not set then Code Igniter wi ll guess t he protoco l, domain and
	17	* path to your insta llation.
	18	*
	19	* @global string $co nfig['base _url']
	20	*/
	21	if(
	22	define d('PHPUNIT _TEST') \|\|
	23	(
	24	de fined('API _ADMINPANE L_DOMAIN')
	25	&& (!empty($ _SERVER['H TTP_HOST'] ) && mb_st rstr($_SER VER['HTTP_ HOST'], AP I_ADMINPAN EL_DOMAIN) )
	26	)
	27	) {
	28	$c onfig['bas e_url'] = 'https ://'.API_A DMINPANEL_ DOMAIN.'/' ;
	29	}elseif (
	30	define d('API_FIL ETRANSFER_ DOMAIN') & &
	31	(!empt y($_SERVER ['HTTP_HOS T']) && mb _strstr($_ SERVER['HT TP_HOST'], API_FILET RANSFER_DO MAIN))
	32	){
	33	$c onfig['bas e_url'] = 'https://' .API_FILET RANSFER_DO MAIN.'/';
	34	}else {
	35	$c onfig['bas e_url'] = 'https ://'.API_D OMAIN.'/';
	36	}
	37
	38	/**
	39	* Index Fi le
	40	*
	41	* Typicall y this wil l be your index.php file, unle ss you've renamed it to
	42	* somethin g else. If you are u sing mod_r ewrite to remove the page set this
	43	* variable so that i t is blank .
	44	*
	45	* @global string $co nfig['inde x_page']
	46	*/
	47	$config['i ndex_page' ] = '';
	48
	49	/**
	50	* URI PROT OCOL
	51	*
	52	* This ite m determin es which s erver glob al should be used to retrieve the
	53	* URI stri ng. The d efault set ting of 'A UTO' works for most servers.
	54	* If your links do n ot seem to work, try one of th e other de licious fl avors:
	55	*
	56	* 'AUTO' Default - auto det ects
	57	* 'PATH_IN FO' Uses t he PATH_IN FO
	58	* 'QUERY_S TRING' Uses t he QUERY_S TRING
	59	* 'REQUEST _URI' Uses t he REQUEST _URI
	60	* 'ORIG_PA TH_INFO' Uses t he ORIG_PA TH_INFO
	61	*
	62	* @global string $co nfig['uri_ protocol']
	63	*/
	64	$config['u ri_protoco l'] = 'AUT O';
	65
	66	/**
	67	* URL suff ix
	68	*
	69	* This opt ion allows you to ad d a suffix to all UR Ls generat ed by Code Igniter.
	70	* For more informati on please see the us er guide:
	71	*
	72	* http://c odeigniter .com/user_ guide/gene ral/urls.h tml
	73	*
	74	* @global string $co nfig['url_ suffix']
	75	*/
	76
	77	$config['u rl_suffix' ] = '';
	78
	79	/**
	80	* Default Language
	81	*
	82	* This det ermines wh ich set of language files shou ld be used . Make sur e
	83	* there is an availa ble transl ation if y ou intend to use som ething oth er
	84	* than eng lish.
	85	*
	86	* @global string $co nfig['lang uage']
	87	*/
	88	$config['l anguage'] = 'eng lish';
	89
	90	/**
	91	* Default Character Set
	92	*
	93	* This det ermines wh ich charac ter set is used by d efault in various me thods
	94	* that req uire a cha racter set to be pro vided.
	95	*
	96	* @global string $co nfig['char set']
	97	*/
	98	$config['c harset'] = 'UTF-8';
	99
	100	/**
	101	* Enable/D isable Sys tem Hooks
	102	*
	103	* If you w ould like to use the 'hooks' f eature you must enab le it by
	104	* setting this varia ble to TRU E (boolean ). See th e user gui de for det ails.
	105	*
	106	* @global boolean $c onfig['ena ble_hooks' ]
	107	*/
	108	$config['e nable_hook s'] = TRUE ;
	109
	110
	111	/**
	112	* Class Ex tension Pr efix
	113	*
	114	* This ite m allows y ou to set the filena me/classna me prefix when exten ding
	115	* native l ibraries. For more informatio n please s ee the use r guide:
	116	*
	117	* http://c odeigniter .com/user_ guide/gene ral/core_c lasses.htm l
	118	* http://c odeigniter .com/user_ guide/gene ral/creati ng_librari es.html
	119	*
	120	* @global string $co nfig['subc lass_prefi x']
	121	*/
	122	$config['s ubclass_pr efix'] = ' DAAS_';
	123
	124	/*
	125	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	126	\| Composer auto-load ing
	127	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	128	\|
	129	\| Enabling this sett ing will t ell CodeIg niter to l ook for a Composer
	130	\| package auto-loade r script i n applicat ion/vendor /autoload. php.
	131	\|
	132	\| $c onfig['com poser_auto load'] = T RUE;
	133	\|
	134	\| Or if yo u have you r vendor/ directory located so mewhere el se, you
	135	\| can opt to set a s pecific pa th as well :
	136	\|
	137	\| $c onfig['com poser_auto load'] = ' /path/to/v endor/auto load.php';
	138	\|
	139	\| For more informati on about C omposer, p lease visi t http://g etcomposer .org/
	140	\|
	141	\| Note: Th is will NO T disable or overrid e the Code Igniter-sp ecific
	142	\| au toloading (applicati on/config/ autoload.p hp)
	143	*/
	144	$config['c omposer_au toload'] = FALSE;
	145
	146	/**
	147	* Allowed URL Charac ters
	148	*
	149	* This let s you spec ify with a regular e xpression which char acters are permitted
	150	* within y our URLs. When some one tries to submit a URL with disallowe d
	151	* characte rs they wi ll get a w arning mes sage.
	152	*
	153	* As a sec urity meas ure you ar e STRONGLY encourage d to restr ict URLs t o
	154	* as few c haracters as possibl e. By def ault only these are allowed: a -z 0-9~%.: _-
	155	*
	156	* Leave bl ank to all ow all cha racters -- but only if you are insane.
	157	*
	158	* DO NOT C HANGE THIS UNLESS YO U FULLY UN DERSTAND T HE REPERCU SSIONS!!
	159	*
	160	* @global string $co nfig['perm itted_uri_ chars']
	161	*/
	162	$config['p ermitted_u ri_chars'] = 'a-z 0- 9~%.:_\'\- ()@=';
	163	/* 2017-06 -30 - Myke Carter - Apostrophe added to accommodat e users wi th apostro phes in th eir names and/or ext ernal emai l addresse s */
	164
	165	/**
	166	* Enable Q uery Strin gs
	167	*
	168	* By defau lt CodeIgn iter uses search-eng ine friend ly segment based URL s:
	169	* example. com/who/wh at/where/
	170	*
	171	* By defau lt CodeIgn iter enabl es access to the $_G ET array. If for so me
	172	* reason y ou would l ike to dis able it, s et 'allow_ get_array' to FALSE.
	173	*
	174	* You can optionally enable st andard que ry string based URLs :
	175	* example. com?who=me &what=some thing&wher e=here
	176	*
	177	* Options are: TRUE or FALSE ( boolean)
	178	*
	179	* The othe r items le t you set the query string 'wo rds' that will
	180	* invoke y our contro llers and its functi ons:
	181	* example. com/index. php?c=cont roller&m=f unction
	182	*
	183	* Please n ote that s ome of the helpers w on't work as expecte d when
	184	* this fea ture is en abled, sin ce CodeIgn iter is de signed pri marily to
	185	* use segm ent based URLs.
	186	*/
	187	$config['a llow_get_a rray'] = TRUE;
	188	$config['e nable_quer y_strings' ] = FALSE;
	189	$config['c ontroller_ trigger'] = 'c';
	190	$config['f unction_tr igger'] = 'm';
	191	$config['d irectory_t rigger'] = 'd'; / / experime ntal not c urrently i n use
	192
	193	/**
	194	* Error Lo gging Thre shold
	195	*
	196	* If you h ave enable d error lo gging, you can set a n error th reshold to
	197	* determin e what get s logged. Threshold options ar e:
	198	* You can enable err or logging by settin g a thresh old over z ero. The
	199	* threshol d determin es what ge ts logged. Threshold options a re:
	200	*
	201	* 0 = Disables logging, Error logg ing TURNED OFF
	202	* 1 = Error Me ssages (in cluding PH P errors)
	203	* 2 = Debug Me ssages
	204	* 3 = Informat ional Mess ages
	205	* 4 = All Mess ages
	206	*
	207	* For a li ve site yo u'll usual ly only en able Error s (1) to b e logged o therwise
	208	* your log files wil l fill up very fast.
	209	*
	210	* @global int $confi g['log_thr eshold']
	211	*/
	212	$config['l og_thresho ld'] = 1;
	213
	214	/**
	215	* Error Lo gging Dire ctory Path
	216	*
	217	* Leave th is BLANK u nless you would like to set so mething ot her than t he default
	218	* applicat ion/logs/ folder. Us e a full s erver path with trai ling slash .
	219	*
	220	* @global string $co nfig['log_ path']
	221	*/
	222	$config['l og_path'] = '';
	223
	224
	225	/*
	226	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	227	\| Log File Extension
	228	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	229	\|
	230	\| The defa ult filena me extensi on for log files. Th e default 'php' allo ws for
	231	\| protecti ng the log files via basic scr ipting, wh en they ar e to be st ored
	232	\| under a publicly a ccessible directory.
	233	\|
	234	\| Note: Le aving it b lank will default to 'php'.
	235	\|
	236	*/
	237	$config['l og_file_ex tension'] = '';
	238
	239	/*
	240	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	241	\| Log File Permissio ns
	242	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	243	\|
	244	\| The file system pe rmissions to be appl ied on new ly created log files .
	245	\|
	246	\| IMPORTAN T: This MU ST be an i nteger (no quotes) a nd you MUS T use octa l
	247	\| integer notation (i.e. 0700 , 0644, et c.)
	248	*/
	249	$config['l og_file_pe rmissions' ] = 0644;
	250
	251	/**
	252	* Date For mat for Lo gs
	253	*
	254	* Each ite m that is logged has an associ ated date. You can u se PHP dat e
	255	* codes to set your own date f ormatting
	256	*
	257	* @global string $co nfig['log_ date_forma t']
	258	*/
	259	$config['l og_date_fo rmat'] = ' Y-m-d H:i: s';
	260
	261	/**
	262	* Error Vi ews Direct ory Path
	263	*
	264	* Leave th is BLANK u nless you would like to set so mething ot her than t he default
	265	* applicat ion/views/ errors/ di rectory. Use a full server pa th with tr ailing sla sh.
	266	*
	267	* @global string $co nfig['erro r_views_pa th']
	268	*/
	269	$config['e rror_views _path'] = '';
	270
	271	/**
	272	* Cache Di rectory Pa th
	273	*
	274	* Leave th is BLANK u nless you would like to set so mething ot her than t he default
	275	* system/c ache/ fold er. Use a full serv er path wi th trailin g slash.
	276	*
	277	* @global string $co nfig['cach e_path']
	278	*/
	279	$config['c ache_path' ] = '';
	280
	281	$applicati on_ini_con fig = pars e_ini_file (APPLICATI ON_INI_LOC ATION);
	282
	283	/**
	284	* Encrypti on Key
	285	*
	286	* If you u se the Enc ryption cl ass or the Session c lass you
	287	* MUST set an encryp tion key. See the u ser guide for info.
	288	*
	289	* @global string $co nfig['encr yption_key ']
	290	*/
	291	$config['e ncryption_ key'] = $a pplication _ini_confi g['encrypt ion_key'];
	292
	293	/*
	294	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	295	\| Session Variables
	296	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	297	\|
	298	\| 'sess_dr iver'
	299	\|
	300	\| Th e storage driver to use: files , database , redis, m emcached
	301	\|
	302	\| 'sess_co okie_name'
	303	\|
	304	\| Th e session cookie nam e, must co ntain only [0-9a-z_- ] characte rs
	305	\|
	306	\| 'sess_ex piration'
	307	\|
	308	\| Th e number o f SECONDS you want t he session to last.
	309	\| Se tting to 0 (zero) me ans expire when the browser is closed.
	310	\|
	311	\| 'sess_sa ve_path'
	312	\|
	313	\| Th e location to save s essions to , driver d ependant.
	314	\|
	315	\| Fo r the 'fil es' driver , it's a p ath to a w ritable di rectory.
	316	\| WA RNING: Onl y absolute paths are supported !
	317	\|
	318	\| Fo r the 'dat abase' dri ver, it's a table na me.
	319	\| Pl ease read up the man ual for th e format w ith other session dr ivers.
	320	\|
	321	\| IM PORTANT: Y ou are REQ UIRED to s et a valid save path !
	322	\|
	323	\| 'sess_ma tch_ip'
	324	\|
	325	\| Wh ether to m atch the u ser's IP a ddress whe n reading the sessio n data.
	326	\|
	327	\| 'sess_ti me_to_upda te'
	328	\|
	329	\| Ho w many sec onds betwe en CI rege nerating t he session ID.
	330	\|
	331	\| 'sess_re generate_d estroy'
	332	\|
	333	\| Wh ether to d estroy ses sion data associated with the old sessio n ID
	334	\| wh en auto-re generating the sessi on ID. Whe n set to F ALSE, the data
	335	\| wi ll be late r deleted by the gar bage colle ctor.
	336	\|
	337	\| Other se ssion cook ie setting s are shar ed with th e rest of the applic ation,
	338	\| except f or 'cookie _prefix' a nd 'cookie _httponly' , which ar e ignored here.
	339	\|
	340	*/
	341	$config['s ess_driver '] = 'file s';
	342	$config['s ess_cookie _name'] = 'api_sessi on';
	343	$config['s ess_expira tion'] = 6 00;
	344	$config['s ess_save_p ath'] = NU LL;
	345	$config['s ess_match_ ip'] = FAL SE;
	346	$config['s ess_time_t o_update'] = 0; //d on't chang e the sess ion id unt il the ses sion expir es
	347	$config['s ess_regene rate_destr oy'] = FAL SE;
	348
	349	/**
	350	* Cookie R elated Var iables
	351	*
	352	* 'cookie_ prefix' = Set a pref ix if you need to av oid collis ions
	353	* 'cookie_ domain' = Set to .yo ur-domain. com for si te-wide co okies
	354	* 'cookie_ path' = Typically will be a forward s lash
	355	* 'cookie_ secure' = Cookies w ill only b e set if a secure HT TPS connec tion exist s.
	356	*/
	357	$config['c ookie_pref ix'] = '';
	358	$config['c ookie_doma in'] = '';
	359	$config['c ookie_path '] = '/';
	360	$config['c ookie_secu re'] = TRU E;
	361	$config['c ookie_http only'] = T RUE;
	362
	363	/*
	364	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	365	\| Standard ize newlin es
	366	\|--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	367	\|
	368	\| Determin es whether to standa rdize newl ine charac ters in in put data,
	369	\| meaning to replace \r\n, \r, \n occure nces with the PHP_EO L value.
	370	\|
	371	\| This is particular ly useful for portab ility betw een UNIX-b ased OSes,
	372	\| (usually \n) and W indows (\r \n).
	373	\|
	374	*/
	375	$config['s tandardize _newlines' ] = FALSE;
	376
	377	/**
	378	* Global X SS Filteri ng
	379	*
	380	* Determin es whether the XSS f ilter is a lways acti ve when GE T, POST or
	381	* COOKIE d ata is enc ountered
	382	*
	383	* @global boolean $c onfig['glo bal_xss_fi ltering']
	384	*/
	385	$config['g lobal_xss_ filtering' ] = FALSE;
	386
	387	/**
	388	* Cross Si te Request Forgery
	389	*--------- ---------- ---------- ---------- ---------- ---------- ---------- -----
	390	* Enables a CSRF coo kie token to be set. When set to TRUE, t oken will be
	391	* checked on a submi tted form. If you ar e acceptin g user dat a, it is s trongly
	392	* recommen ded CSRF p rotection be enabled .
	393	*
	394	* 'csrf_to ken_name' = The toke n name
	395	* 'csrf_co okie_name' = The coo kie name
	396	* 'csrf_ex pire' = Th e number i n seconds the token should exp ire.
	397	*/
	398	$config['c srf_protec tion'] = T RUE;
	399	$config['c srf_token_ name'] = ' dpii_api_t oken';
	400	$config['c srf_cookie _name'] = 'dpii_api_ token_cook ie';
	401	$config['c srf_expire '] = 300;
	402	$config['c srf_regene rate'] = F ALSE;
	403	$config['c srf_exclud e_uris'] = array();
	404
	405	/**
	406	* Output C ompression
	407	*
	408	* Enables Gzip outpu t compress ion for fa ster page loads. Wh en enabled ,
	409	* the outp ut class w ill test w hether you r server s upports Gz ip.
	410	* Even if it does, h owever, no t all brow sers suppo rt compres sion
	411	* so enabl e only if you are re asonably s ure your v isitors ca n handle i t.
	412	*
	413	* VERY IMP ORTANT: I f you are getting a blank page when comp ression is enabled i t
	414	* means yo u are prem aturely ou tputting s omething t o your bro wser. It c ould
	415	* even be a line of whitespace at the en d of one o f your scr ipts. For
	416	* compress ion to wor k, nothing can be se nt before the output buffer is called
	417	* by the o utput clas s. Do not 'echo' an y values w ith compre ssion enab led.
	418	*
	419	* @global boolean $c onfig['com press_outp ut']
	420	*/
	421	$config['c ompress_ou tput'] = F ALSE;
	422
	423	/**
	424	* Master T ime Refere nce
	425	*
	426	* Options are 'local ' or 'gmt' . This pr ef tells t he system whether to use
	427	* your ser ver's loca l time as the master 'now' ref erence, or convert i t to
	428	* GMT. Se e the 'dat e helper' page of th e user gui de for inf ormation
	429	* regardin g date han dling.
	430	*
	431	* @global string $co nfig['time _reference ']
	432	*/
	433	$config['t ime_refere nce'] = 'l ocal';
	434
	435
	436	/**
	437	* Rewrite PHP Short Tags
	438	*
	439	* If your PHP instal lation doe s not have short tag support e nabled CI
	440	* can rewr ite the ta gs on-the- fly, enabl ing you to utilize t hat syntax
	441	* in your view files . Options are TRUE or FALSE ( boolean)
	442	*
	443	* @global boolean $c onfig['rew rite_short _tags']
	444	*/
	445	$config['r ewrite_sho rt_tags'] = FALSE;
	446
	447
	448	/**
	449	* Reverse Proxy IPs
	450	*
	451	* If your server is behind a r everse pro xy, you mu st whiteli st the pro xy IP
	452	* addresse s from whi ch CodeIgn iter shoul d trust th e HTTP_X_F ORWARDED_F OR
	453	* header i n order to properly identify t he visitor 's IP addr ess.
	454	* Comma-de limited, e .g. ' IP , IP '
	455	*
	456	* @global string $co nfig['rewr ite_short_ tags']
	457	*/
	458	$config['p roxy_ips'] = '';