diff options
Diffstat (limited to 'user_guide_src/source/changelog.rst')
| -rw-r--r-- | user_guide_src/source/changelog.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index f57e244b1..909c3bc3c 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -503,6 +503,7 @@ Release Date: Not Released - Removed internal method ``_assign_to_config()`` and moved its implementation to *CodeIgniter.php* instead. - ``item()`` now returns NULL instead of FALSE when the required config item doesn't exist. - Added an optional second parameter to both ``base_url()`` and ``site_url()`` that allows enforcing of a protocol different than the one in the *base_url* configuration setting. + - Added HTTP "Host" header character validation to prevent cache poisoning attacks when ``base_url`` auto-detection is used. - :doc:`Security Library <libraries/security>` changes include: |