diff options
| author | Derek Jones <derek.jones@ellislab.com> | 2008-06-30 19:23:25 +0200 |
|---|---|---|
| committer | Derek Jones <derek.jones@ellislab.com> | 2008-06-30 19:23:25 +0200 |
| commit | 40f38f1e289eda97026cc3d21558cd99bcce2e1d (patch) | |
| tree | 61ea39f55566c4db78d556481aaa704fc1bc2be6 | |
| parent | e37fa05e9687ff461b1ff7413633ea697365c128 (diff) | |
simplified regex for _remove_invisible_characters() - since we rawurldecode() the string, there's no need to go looking for url encoded characters here
| -rw-r--r-- | system/libraries/Input.php | 9 | ||||
| -rw-r--r-- | user_guide/changelog.html | 6 |
2 files changed, 9 insertions, 6 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php index 5f47909ac..a2f1d0056 100644 --- a/system/libraries/Input.php +++ b/system/libraries/Input.php @@ -829,12 +829,11 @@ class CI_Input { if ( ! isset($non_displayables))
{
// every control character except newline (10), carriage return (13), and horizontal tab (09),
- // both as a URL encoded character (::shakes fist at IE and WebKit::), and the actual character
$non_displayables = array(
- '/%0[0-8]/', '/[\x00-\x08]/', // 00-08
- '/%11/', '/\x0b/', '/%12/', '/\x0c/', // 11, 12
- '/%1[4-9]/', '/%2[0-9]/', '/%3[0-1]/', // url encoded 14-31
- '/[\x0e-\x1f]/'); // 14-31
+ '/[\x00-\x08]/', // 00-08
+ '/\x0b/', '/\x0c/', // 11, 12
+ '/[\x0e-\x1f]/' // 14-31
+ );
}
diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 8149b7cc2..6697856da 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -63,7 +63,11 @@ Change Log SVN Revision: XXXX</p>
<ul>
- <li>No significant changes yet</li>
+ <li>Other changes
+ <ul>
+ <li>Improved performance and accuracy of xss_clean() (no changes to security)</li>
+ </ul>
+ </li>
</ul>
<h3>Bug fixes for 1.6.4</h3>
|