Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2022-03-03 | Merge branch '3.1-stable' into develop | Andrey Andreev | 1 | -1/+2 | |
2022-03-02 | [ci skip] Update copyright notices | Andrey Andreev | 1 | -1/+2 | |
2022-02-11 | [ci skip] Merge pull request #6098 from totoprayogo1916/indent-whitespaces | Andrey Andreev | 1 | -1/+0 | |
Minor indentation & whitespace corrections | |||||
2022-02-11 | whitespaces | Toto Prayogo | 1 | -1/+0 | |
2022-01-05 | Merge branch '3.1-stable' into develop | Andrey Andreev | 1 | -9/+29 | |
2022-01-05 | Fix some minor PHP 8.1 deprecation warnings | Andrey Andreev | 1 | -1/+1 | |
2021-03-24 | [ci skip] Add SameSite=Strict to CSRF cookie | Andrey Andreev | 1 | -9/+29 | |
2020-07-09 | [ci skip] Merge pull request #5970 from sapics/fix/user-guide-url | Andrey Andreev | 1 | -1/+1 | |
Fix user guide url | |||||
2020-06-24 | Fix user guide url | sapics | 1 | -1/+1 | |
Replace from https://codeigniter.com/user_guide/* to https://codeigniter.com/userguide3/* | |||||
2019-09-19 | Merge branch '3.1-stable' into develop | Andrey Andreev | 1 | -0/+1 | |
Conflicts resolved: system/core/CodeIgniter.php system/libraries/Cache/drivers/Cache_redis.php system/libraries/Session/drivers/Session_redis_driver.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst | |||||
2019-08-02 | [ci skip] Fix a CSRF-related bug | Andrey Andreev | 1 | -0/+1 | |
2019-01-02 | Merge pull request #5662 from jim-parry/copyright2019 | Instructor, BCIT | 1 | -3/+3 | |
Update copyright date to 2019 | |||||
2018-12-27 | Update copyright date to 2019 | Jim Parry | 1 | -2/+2 | |
2018-05-18 | http:// to https:// | Mehdi Bounya | 1 | -3/+3 | |
2018-03-22 | Merge branch '3.1-stable' into develop | Andrey Andreev | 1 | -2/+10 | |
Conflicts resolved: system/core/CodeIgniter.php system/core/Security.php system/database/DB_query_builder.php system/libraries/Email.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst | |||||
2018-03-15 | Merge pull request #5431 from CyberSecutor/develop | Andrey Andreev | 1 | -4/+6 | |
Added parenthesis check around "document" elements and fixed non-existent document.window filter to window.document | |||||
2018-03-10 | [ci skip] Fix #5420 | Andrey Andreev | 1 | -2/+10 | |
2018-03-05 | Fixed typo | Remko Silvis | 1 | -1/+1 | |
2018-03-05 | Added parenthesis check around "document" elements and fixed non-existent ↵ | Remko Silvis | 1 | -3/+5 | |
document.window filter to window.document | |||||
2018-01-09 | [ci skip] Merge pull request #5376 from jim-parry/copyright-update | Andrey Andreev | 1 | -2/+2 | |
Annual copyright update Conflicts resolved: system/libraries/Cache/drivers/Cache_apcu.php | |||||
2018-01-09 | Annual copyright update | Master Yoda | 1 | -2/+2 | |
2017-03-24 | Merge branch '3.1-stable' into develop | Andrey Andreev | 1 | -2/+2 | |
Conflicts resolved: system/core/CodeIgniter.php system/core/Common.php system/core/Input.php system/helpers/cookie_helper.php tests/codeigniter/helpers/html_helper_test.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst user_guide_src/source/libraries/input.rst | |||||
2017-01-20 | Don't use each() | Andrey Andreev | 1 | -2/+2 | |
Will be deprecated in PHP 7.2 | |||||
2017-01-17 | [ci skip] Merge pull request #4986 from ka7/feature/spelling | Andrey Andreev | 1 | -1/+1 | |
Spelling fixes in comment blocks and docs | |||||
2017-01-16 | spelling fixes(1) | klemens | 1 | -1/+1 | |
2017-01-16 | spelling fixes | klemens | 1 | -1/+1 | |
2017-01-10 | Merge branch '3.1-stable' into develop | Andrey Andreev | 1 | -7/+9 | |
Conflicts resolved: system/core/CodeIgniter.php system/database/drivers/sqlite/sqlite_driver.php system/database/drivers/sqlite/sqlite_forge.php system/database/drivers/sqlite/sqlite_result.php system/database/drivers/sqlite/sqlite_utility.php system/helpers/email_helper.php system/helpers/smiley_helper.php system/libraries/Cart.php system/libraries/Email.php system/libraries/Image_lib.php system/libraries/Javascript.php system/libraries/Javascript/Jquery.php system/libraries/Session/SessionHandlerInterface.php user_guide_src/source/changelog.rst user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst | |||||
2017-01-04 | [ci skip] Protect CSRF verification from timing side-channel attacks | Andrey Andreev | 1 | -6/+8 | |
2017-01-04 | Fix an XSS vulnerability | Andrey Andreev | 1 | -1/+1 | |
2017-01-03 | Update copyright data to 2017 | Master Yoda | 1 | -2/+2 | |
2016-12-31 | Update copyright data to 2017 | Master Yoda | 1 | -2/+2 | |
2016-12-14 | Move csrf_verify() call out of CI_Input | Andrey Andreev | 1 | -4/+5 | |
2016-12-14 | Drop all PHP 5.3-related code | Andrey Andreev | 1 | -28/+4 | |
2016-10-28 | [ci skip] xss_clean() hardening | Andrey Andreev | 1 | -10/+11 | |
- percent-sign tag (IE) - data: URI scheme inclinding whitespace (Chrome) | |||||
2016-10-26 | Fix #4877 | Andrey Andreev | 1 | -5/+29 | |
2016-09-27 | Fix entity_decode() issue | Andrey Andreev | 1 | -17/+22 | |
2016-08-29 | Merge pull request #4785 from guitarrist/develop | Andrey Andreev | 1 | -1/+1 | |
[ci skip] Fix a comment typo | |||||
2016-07-28 | Remove dead code written for PHP 5.2 | Andrey Andreev | 1 | -6/+1 | |
2016-03-07 | Fix #4475 | Andrey Andreev | 1 | -1/+8 | |
2016-01-11 | [ci skip] Update ellislab.com links to https too | Andrey Andreev | 1 | -1/+1 | |
2016-01-11 | [ci skip] Update codeigniter.com links to https | Andrey Andreev | 1 | -2/+2 | |
2016-01-11 | [ci skip] Bump year to 2016 | Andrey Andreev | 1 | -2/+2 | |
2015-11-24 | Use PHP7's random_bytes() when possible | Andrey Andreev | 1 | -0/+16 | |
Close #4260 | |||||
2015-10-31 | Harden xss_clean() | Andrey Andreev | 1 | -27/+39 | |
2015-10-05 | Some more intrusive XSS cleaning | Andrey Andreev | 1 | -5/+11 | |
2015-10-02 | More XSS stuff | Andrey Andreev | 1 | -1/+1 | |
2015-09-21 | More XSS stuff | Andrey Andreev | 1 | -3/+3 | |
2015-09-17 | Don't allow open-ended tags to pass through xss_clean() | Andrey Andreev | 1 | -4/+9 | |
This was a regression caused by the previous commit | |||||
2015-09-17 | Refactor 'evil attributes' sanitization logic | Andrey Andreev | 1 | -92/+66 | |
Turned out pretty much impossible to do remove 'evil attributes' with just one pattern - it either breaks something else, hits pcre.backtrack_limit or causes PHP to segfault. No benchmarks made, but there shouldn't be any performance regressions since we're now trying to strip attributes only after it is determined that they are inside a tag; up until now this was done seprately for _sanitize_naughty_html() and _remove_evil_attributes(). | |||||
2015-09-15 | Missing character in the evil attributes pattern | Andrey Andreev | 1 | -1/+1 | |