summaryrefslogtreecommitdiffstats
path: root/system/core/Security.php
AgeCommit message (Collapse)AuthorFilesLines
2014-06-06Merge remote-tracking branch 'remotes/upstream/2.2-stable' into workingFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at> Conflicts: system/libraries/Session.php user_guide/
2014-05-31Changelog messages, bump year in copyright noticesAndrey Andreev1-1/+1
2013-09-22Merge tag '2.1.4'Florian Pritz1-7/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at> Conflicts: application/config/migration.php user_guide/changelog.html
2013-09-16Remove executable bitsFlorian Pritz1-0/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-08Revert "Updating User Guide for 2.1.4."Wes Baker1-1/+1
This reverts commit c5f99fdcc5c4a918b5b8fe3ddbd56ab25ad1c22b. Signed-off-by: Wes Baker <wes@wesbaker.com>
2013-07-08Updating User Guide for 2.1.4.Wes Baker1-1/+1
2013-07-05Added small improvement to the _remove_evil_attributes functionbrian9781-7/+6
Signed-off-by: brian978 <dbrian89@yahoo.com> Signed-off-by: Wes Baker <wes@wesbaker.com> Conflicts: system/core/Security.php
2012-10-06Backport security fixesAndrey Andreev1-26/+25
2012-06-29Updating XSS cleaning to better handle base64 encoded attributes.Wes Baker1-70/+81
Conflicts: system/core/Security.php
2012-05-17Check cookie against md5 regex.Alexander Hofstede1-1/+1
Otherwise, cookie can contain arbitrary injected code that gets sent back directly to the browser.
2011-11-14Tweaking the xss filter for IE <comment> tags, parameter injection, and ↵Pascal Kriete1-50/+41
weird html5 attributes.
2011-08-15Added some docs to CI core filesDavid Behler1-44/+87
2011-07-02backed out 648b42a75739, which was a NON-trivial whitespace commit. It ↵Derek Jones1-52/+52
broke the Typography class's string replacements, for instance
2011-04-25Fixed double-space typo.Razican1-52/+52
2011-04-20Change in core/Security.php to match coding standards.Greg Aker1-1/+2
2011-04-11Fix: codeigniter-reactor/199 cookie name was overwritten with token namepatwork1-2/+4
2011-04-09Fix: codeigniter-reactor/199 CSRF config in Security class is no longer ignoredpatwork1-1/+10
2011-04-05Moving security to core.Pascal Kriete1-0/+820