diff options
| author | Andrey Andreev <narf@devilix.net> | 2014-10-28 20:32:20 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2014-10-28 20:32:20 +0100 |
| commit | 815ac8a3be770b7de7a805a551f136cc6bb9f83c (patch) | |
| tree | c605ac9dae927bb3e85ce618e140cb9942eede0f /user_guide_src/source/changelog.rst | |
| parent | 98251706c81a7ca6057430c7c6a56ee4dfbe10a0 (diff) | |
Close #3292
Diffstat (limited to 'user_guide_src/source/changelog.rst')
| -rw-r--r-- | user_guide_src/source/changelog.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index f57e244b1..909c3bc3c 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -503,6 +503,7 @@ Release Date: Not Released - Removed internal method ``_assign_to_config()`` and moved its implementation to *CodeIgniter.php* instead. - ``item()`` now returns NULL instead of FALSE when the required config item doesn't exist. - Added an optional second parameter to both ``base_url()`` and ``site_url()`` that allows enforcing of a protocol different than the one in the *base_url* configuration setting. + - Added HTTP "Host" header character validation to prevent cache poisoning attacks when ``base_url`` auto-detection is used. - :doc:`Security Library <libraries/security>` changes include: |