diff options
| -rw-r--r-- | system/core/Config.php | 1 | ||||
| -rw-r--r-- | user_guide_src/source/installation/upgrade_300.rst | 13 | ||||
| -rw-r--r-- | user_guide_src/source/libraries/config.rst | 6 |
3 files changed, 19 insertions, 1 deletions
diff --git a/system/core/Config.php b/system/core/Config.php index a0e830abe..93c950e2e 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -332,6 +332,7 @@ class CI_Config { /** * System URL * + * @deprecated 3.0.0 Encourages insecure practices * @return string */ public function system_url() diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 3f96a31e2..75aeea715 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -556,6 +556,19 @@ CodeIgniter 3.1+. .. note:: This method is still available, but you're strongly encouraged to remove its usage sooner rather than later. +Config library method system_url() +================================== + +Usage of ``CI_Config::system_url()`` encourages insecure coding practices. +Namely, your CodeIgniter *system/* directory shouldn't be publicly accessible +from a security point of view. + +Because of this, this method is now deprecated and scheduled for removal in +CodeIgniter 3.1+. + +.. note:: This method is still available, but you're strongly encouraged to remove its usage + sooner rather than later. + *********************************************************** Step 18: Check your usage of Text helper highlight_phrase() *********************************************************** diff --git a/user_guide_src/source/libraries/config.rst b/user_guide_src/source/libraries/config.rst index b31815799..3116b768a 100644 --- a/user_guide_src/source/libraries/config.rst +++ b/user_guide_src/source/libraries/config.rst @@ -245,4 +245,8 @@ Class Reference :returns: URL pointing at your CI system/ directory :rtype: string - This method retrieves the URL to your CodeIgniter system/ directory.
\ No newline at end of file + This method retrieves the URL to your CodeIgniter system/ directory. + + .. note:: This method is DEPRECATED because it encourages usage of + insecure coding practices. Your *system/* directory shouldn't + be publicly accessible.
\ No newline at end of file |