summaryrefslogtreecommitdiffstats
path: root/system/core/Security.php
AgeCommit message (Collapse)AuthorFilesLines
2012-03-18add support for httponly cookiesfreewil1-1/+9
2012-03-09Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developPhil Sturgeon1-2/+2
2012-03-09Bumped CodeIgniter's PHP requirement to 5.2.4.Phil Sturgeon1-1/+1
Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway...
2012-03-08Fix issue #940Andrey Andreev1-2/+2
2012-02-29Add strtolower to the HTTPS checkAndrey Andreev1-1/+1
2012-02-27Do not create a CSRF cookie if CSRF protection is not enabledAndrey Andreev1-19/+20
2012-01-09Some more stuff ...Andrey Andreev1-17/+6
2012-01-08Remove some tabsAndrey Andreev1-1/+1
2012-01-08Merge remote-tracking branch 'upstream/develop' into develop-core-securityAndrey Andreev1-3/+8
2012-01-08Merge pull request #850 from RS71/developPhil Sturgeon1-3/+8
CSRF optional token regeneration
2012-01-07Improve the core Security libraryAndrey Andreev1-155/+99
2012-01-02Updating copyright date to 2012Greg Aker1-1/+1
2011-12-31Update system/core/Security.phpRS711-3/+8
2011-12-25Fixing soft tabs in a few files.Greg Aker1-1/+1
2011-11-22Merge master (2.1.0) and fixed conflicts.Phil Sturgeon1-25/+39
2011-11-14Tweaking the xss filter for IE <comment> tags, parameter injection, and ↵Pascal Kriete1-50/+41
weird html5 attributes.
2011-10-20adding new license file (OSL 3.0) and updating readme to ReSTDerek Jones1-4/+16
added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change
2011-10-05Fix location file Security Class to core folderpurwandi1-1/+1
2011-10-04Clean up core Security classAndrey Andreev1-50/+19
2011-09-25Fix #484 - Hash is never set to the cookieChris Berthe1-1/+2
2011-09-23fixed issue #192Rommel Castro A1-0/+1
2011-08-28always use charset config itemfreewil1-2/+9
2011-08-28always use charset config itemfreewil1-1/+2
2011-08-25Merge remote-tracking branch 'alexbilbie/csrf-override' into feature/csrf-verifyEric Barnes1-6/+20
Conflicts: system/core/Security.php
2011-08-21Added new config parameter "csrf_exclude_uris" which allows for URIs to be ↵Alex Bilbie1-1/+11
whitelisted from CSRF verification. Fixes #149
2011-08-15Added some docs to CI core filesDavid Behler1-44/+87
2011-07-02backed out 648b42a75739, which was a NON-trivial whitespace commit. It ↵Derek Jones1-52/+52
broke the Typography class's string replacements, for instance
2011-07-02backed out 648b42a75739, which was a NON-trivial whitespace commit. It ↵Derek Jones1-52/+52
broke the Typography class's string replacements, for instance
2011-04-25Fixed double-space typo.Razican1-52/+52
2011-04-20Change in core/Security.php to match coding standards.Greg Aker1-1/+2
2011-04-11Fix: codeigniter-reactor/199 cookie name was overwritten with token namepatwork1-2/+4
2011-04-09Fix: codeigniter-reactor/199 CSRF config in Security class is no longer ignoredpatwork1-1/+10
2011-04-05Moving security to core.Pascal Kriete1-0/+820