summaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2015-09-21Switch from saving copy of config to reset method parameterzoaked1-4/+5
2015-09-20Persist config file settings when resetting form_validationzoaked1-2/+3
2015-09-20The Lang unit testing claimed to be testing for non-alpha idioms, but wasn't.Master Yoda1-94/+99
2015-09-20Revert "Revert "The Lang unit testing claimed to be testing for non-alpha idi...Master Yoda1-6/+12
2015-09-20Revert "The Lang unit testing claimed to be testing for non-alpha idioms, but...Master Yoda1-12/+6
2015-09-20The Lang unit testing claimed to be testing for non-alpha idioms, but wasn't.Master Yoda1-6/+12
2015-09-20The Lang unit testing claimed to be testing for non-alpha idioms, but wasn't.Master Yoda1-84/+89
2015-09-20The Lang unit testing claimed to be testing for non-alpha idioms, but wasn't.Master Yoda1-0/+1
2015-09-17Don't allow open-ended tags to pass through xss_clean()Andrey Andreev2-4/+10
2015-09-17Refactor 'evil attributes' sanitization logicAndrey Andreev2-115/+100
2015-09-16[ci skip] Add missing changelog entryAndrey Andreev1-0/+1
2015-09-16Fix #4116Andrey Andreev2-6/+7
2015-09-16Fix typokenjis1-1/+1
2015-09-16Fix #4120Andrey Andreev2-3/+14
2015-09-16Merge pull request #4119 from kenjis/fix-tutorialAndrey Andreev1-1/+1
2015-09-16Fix typokenjis1-1/+1
2015-09-15Missing character in the evil attributes patternAndrey Andreev1-1/+1
2015-09-14Another addition to tag detection patterns in xss_clean()Andrey Andreev2-1/+9
2015-09-14Close #4098Andrey Andreev2-2/+19
2015-09-14Fix #4032Andrey Andreev2-7/+10
2015-09-14Fix #4044Andrey Andreev2-5/+6
2015-09-14Fix #4109Andrey Andreev2-20/+23
2015-09-14Add 'eval' to a JS blacklist in xss_clean()Andrey Andreev1-7/+10
2015-09-14Move _remove_evil_attributes() callAndrey Andreev2-4/+17
2015-09-11Harden xss_clean() moreAndrey Andreev2-7/+44
2015-09-11Improve on previous commitAndrey Andreev2-1/+6
2015-09-11Replace the latest XSS patchesAndrey Andreev2-10/+27
2015-09-10Last commit didn't adjust a RE indexAndrey Andreev2-1/+6
2015-09-10Fix & extend 700619cebf75c4e4fcda6a2d7bea1afb84a029e4Andrey Andreev2-6/+6
2015-09-10Fix a broken unit test from 700619cebf75c4e4fcda6a2d7bea1afb84a029e4Andrey Andreev1-1/+1
2015-09-10[ci skip] Add changelog entry for #4105Andrey Andreev1-0/+1
2015-09-10Change form validation library to allow the pipe character within square brac...rich1-1/+1
2015-09-10Merge pull request #4105 from rjbrooksjr/developAndrey Andreev1-1/+1
2015-09-10Fix #4106Andrey Andreev2-2/+10
2015-09-09Change form validation library to allow the pipe character within square brac...rich1-1/+1
2015-09-07Remove unnecessary count() calls from _sanitize_globals()Andrey Andreev1-3/+3
2015-09-07Move csrf_verify() call out of _sanitize_globals()Andrey Andreev1-6/+6
2015-09-03Fix #4096Andrey Andreev2-1/+2
2015-09-02[ci skip] Improve FV language string instructionsAndrey Andreev1-1/+4
2015-09-01Enable Travis builds for 3.0-stable branchAndrey Andreev1-0/+1
2015-09-01Fix #4093Andrey Andreev3-1/+10
2015-09-01[ci skip] Correct session database setup docsAndrey Andreev2-7/+15
2015-09-01[ci skip] Reduce/improve wording of xss_clean() descriptionAndrey Andreev1-10/+5
2015-09-01[ci skip] Remove a bad advice from the Security lib docsAndrey Andreev1-4/+0
2015-09-01Merge pull request #4092 from mpmont/3.0-stableAndrey Andreev1-1/+1
2015-09-01There was an extra = sign in this fileMarco Monteiro1-1/+1
2015-08-31[ci skip] Fix #4091Andrey Andreev2-1/+2
2015-08-31Fix #4086Andrey Andreev2-13/+14
2015-08-31[ci skip] Fix incorrect routing descriptionAndrey Andreev1-2/+1
2015-08-31Merge pull request #4082 from tomaszturkowski/developAndrey Andreev1-1/+1