author Greg Aker <greg.aker@ellislab.com> 2010-04-15 02:33:50 +0200
committer Greg Aker <greg.aker@ellislab.com> 2010-04-15 02:33:50 +0200
commit f82e51cd8f46b112c3c400d43db9044854a8e805 (patch)
tree a5a1e61b824117aa83e3c13a9afc396b44c09192 /user_guide
parent 757dda61aa0556aca8172dc2a8175596afe28ce2 (diff)
Update to File Upload library to return boolean on do_xss_clean().
Diffstat (limited to 'user_guide')
-rw-r--r-- user_guide/changelog.html 1
-rw-r--r-- user_guide/libraries/file_uploading.html 6
2 files changed, 7 insertions, 0 deletions
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 5e0f5ae05..25b3b1744 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -93,6 +93,7 @@ Hg Tag: </p>
<li>The <a href="libraries/unit_testing.html">Unit Test Class</a> now has an optional "notes" field available to it, and allows for discrete display of test result items using <kbd>$this->unit->set_test_items()</kbd>.</li>
<li>Added a <kbd>$xss_clean</kbd> class variable to the XMLRPC library, enabling control over the use of the Security library's <kbd>xss_clean()</kbd> method.</li>
<li>Added a <kbd>download()</kbd> method to the <a href="libraries/ftp.html">FTP library</a></li>
+ <li>Changed <kbd>do_xss_clean()</kbd> to return FALSE if the uploaded file fails XSS checks.</li>
</ul>
</li>
<li>Database
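Review bot: The added changelog entry does not say which library do_xss_clean() belongs to, while the three entries above it each name theirs (Unit Test Class, XMLRPC library, FTP library). Suggest naming the File Uploading library and linking it the way the neighbouring items do, e.g. <a href="libraries/file_uploading.html">File Uploading library</a>, so a reader scanning the changelog knows this return-value change affects upload handling. Since this is a change to what the method returns, the entry would also be clearer if it said what a caller should now check for.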
diff --git a/user_guide/libraries/file_uploading.html b/user_guide/libraries/file_uploading.html
index d143f5b6e..061d55627 100644
--- a/user_guide/libraries/file_uploading.html
+++ b/user_guide/libraries/file_uploading.html
@@ -318,6 +318,12 @@ $this->upload->initialize($config);</code>
<td class="td">TRUE/FALSE (boolean)</td>
<td class="td">If set to TRUE, any spaces in the file name will be converted to underscores. This is recommended.</td>
</tr>
+<tr>
+<td class="td"><strong>xss_clean</strong></td>
+<td class="td">FALSE</td>
+<td class="td">TRUE/FALSE (boolean)</td>
+<td class="td">If set to TRUE, the files will be tested for XSS vulnerabilities.</td>
+</tr>
</table>
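Review bot: The new xss_clean row does not state what happens when a file fails the test; "the files will be tested for XSS vulnerabilities" leaves it open whether the upload is rejected or only flagged. The changelog hunk in this same commit says do_xss_clean() now returns FALSE on failure, so the description should say what the caller observes on failure and how to detect it. The default is listed as FALSE, meaning the check is off unless the developer sets it; unlike the remove_spaces row above ("This is recommended."), the row gives no guidance on whether enabling it is advised, and a sentence on that would help readers who accept untrusted uploads.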