diff options
| author | Derek Jones <derek.jones@ellislab.com> | 2009-11-05 16:06:31 +0100 |
|---|---|---|
| committer | Derek Jones <derek.jones@ellislab.com> | 2009-11-05 16:06:31 +0100 |
| commit | e24f61a2bb61c2445cb205777f897415e86fc10e (patch) | |
| tree | cd04430eaa0b13b9943a3ab7ab005a2d88267efa /system | |
| parent | a3f47180e3885fca82599e90c95ce6e5c26072d6 (diff) | |
added hyphens to allowed characters in GET keys and vals in submitted URLs in xss_clean()
Diffstat (limited to 'system')
| -rw-r--r-- | system/libraries/Input.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php index e7bf72779..98f28262f 100644 --- a/system/libraries/Input.php +++ b/system/libraries/Input.php @@ -554,7 +554,7 @@ class CI_Input { // 901119URL5918AMP18930PROTECT8198 - $str = preg_replace('|\&([a-z\_0-9]+)\=([a-z\_0-9]+)|i', $this->xss_hash()."\\1=\\2", $str); + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); /* * Validate standard character entities |