summaryrefslogtreecommitdiffstats
path: root/user_guide_src
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide_src')
-rw-r--r--user_guide_src/source/contributing/index.rst20
-rw-r--r--user_guide_src/source/general/security.rst3
2 files changed, 19 insertions, 4 deletions
diff --git a/user_guide_src/source/contributing/index.rst b/user_guide_src/source/contributing/index.rst
index 0112ca065..5966070d1 100644
--- a/user_guide_src/source/contributing/index.rst
+++ b/user_guide_src/source/contributing/index.rst
@@ -29,12 +29,24 @@ own copy. This will require you to use the version control system called Git.
Support
*******
-Note that GitHub is not for general support questions!
+Please note that GitHub is not for general support questions! If you are
+having trouble using a feature of CodeIgniter, ask for help on our
+`forums <http://forum.codeigniter.com/>`_ instead.
-If you are having trouble using a feature of CodeIgniter, ask for help on the forum.
+If you are not sure whether you are using something correctly or if you
+have found a bug, again - please ask on the forums first.
-If you are wondering if you are using
-something correctly or if you have found a bug, ask on the forum first.
+********
+Security
+********
+
+Did you find a security issue in CodeIgniter?
+
+Please *don't* disclose it publicly, but e-mail us at security@codeigniter.com,
+or report it via our page on `HackerOne <https://hackerone.com/codeigniter>`_.
+
+If you've found a critical vulnerability, we'd be happy to credit you in our
+`ChangeLog <../changelog>`.
****************************
Tips for a Good Issue Report
diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst
index d4120d162..8afdaca31 100644
--- a/user_guide_src/source/general/security.rst
+++ b/user_guide_src/source/general/security.rst
@@ -5,6 +5,9 @@ Security
This page describes some "best practices" regarding web security, and
details CodeIgniter's internal security features.
+.. note:: If you came here looking for a security contact, please refer to
+ our `Contribution Guide <../contributing/index>`.
+
URI Security
============