diff options
author | Timothy Warren <tim@timshomepage.net> | 2012-04-26 23:58:56 +0200 |
---|---|---|
committer | Timothy Warren <tim@timshomepage.net> | 2012-04-26 23:58:56 +0200 |
commit | 042766bac61958a21ba5d6b3c53b0e4296fdcce7 (patch) | |
tree | df9e26699ddb5d3841a0d1cc1795913c819bf611 /system/core/Security.php | |
parent | 0688ac9ad88a03f1c56cfcd9e3c475b83301344d (diff) | |
parent | 61318a2c53c13a314f483fcbbfd64c6e01f5242c (diff) |
Merge branch 'develop' of git://github.com/EllisLab/CodeIgniter into library-cleanup
Diffstat (limited to 'system/core/Security.php')
-rwxr-xr-x | system/core/Security.php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 139511661..974e2e428 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -41,14 +41,14 @@ class CI_Security { * * @var string */ - protected $_xss_hash = ''; + protected $_xss_hash = ''; /** * Random Hash for Cross Site Request Forgery Protection Cookie * * @var string */ - protected $_csrf_hash = ''; + protected $_csrf_hash = ''; /** * Expiration time for Cross Site Request Forgery Protection Cookie @@ -56,28 +56,28 @@ class CI_Security { * * @var int */ - protected $_csrf_expire = 7200; + protected $_csrf_expire = 7200; /** * Token name for Cross Site Request Forgery Protection Cookie * * @var string */ - protected $_csrf_token_name = 'ci_csrf_token'; + protected $_csrf_token_name = 'ci_csrf_token'; /** * Cookie name for Cross Site Request Forgery Protection Cookie * * @var string */ - protected $_csrf_cookie_name = 'ci_csrf_token'; + protected $_csrf_cookie_name = 'ci_csrf_token'; /** * List of never allowed strings * * @var array */ - protected $_never_allowed_str = array( + protected $_never_allowed_str = array( 'document.cookie' => '[removed]', 'document.write' => '[removed]', '.parentNode' => '[removed]', @@ -95,7 +95,7 @@ class CI_Security { * * @var array */ - protected $_never_allowed_regex = array( + protected $_never_allowed_regex = array( 'javascript\s*:', 'expression\s*(\(|&\#40;)', // CSS and IE 'vbscript\s*:', // IE, surprise! |