padraic/humbug_get_contents
Drop-in replacement for file_get_contents() that secures HTTPS requests on PHP 5.3+ by injecting a strict SSL/TLS stream context (CA validation, verification). Helps prevent MITM attacks when fetching APIs, PHARs, or other remote content.
This package supports decisions to secure legacy PHP applications (5.3–5.5) where upgrading PHP is not immediately feasible. It provides a drop-in solution to mitigate Man-in-the-Middle (MITM) vulnerabilities in HTTPS requests using file_get_contents(), avoiding the need for custom code or major refactoring. Use cases include maintaining older systems with high dependency on native PHP HTTP functions, addressing compliance gaps in security-critical workflows (e.g., API integrations, PHAR downloads), and acting as a temporary "band-aid" during phased modernization efforts. It represents a clear "buy" decision over building a custom wrapper, given its focused scope and pre-vetted security configurations.
Consider this package only if your project runs PHP <5.6, cannot upgrade PHP in the short term
How can I help you explore Laravel packages today?