summaryrefslogtreecommitdiffstats
path: root/system/core
AgeCommit message (Expand)AuthorFilesLines
2016-07-25Merge pull request #4725 from tianhe1986/develop_url_encode_case_insensitiveAndrey Andreev1-2/+2
2016-07-25Merge pull request #4724 from tianhe1986/develop_is_https_strtolowerAndrey Andreev1-1/+1
2016-07-19Fix #4679Andrey Andreev1-2/+2
2016-05-20Merge pull request #4638 from kasimtan/phpdoc_fixesAndrey Andreev4-4/+4
2016-04-28Fix #4605Andrey Andreev1-6/+3
2016-04-04Fix #4563Andrey Andreev1-12/+14
2016-03-22random_bytes()-related improvementsAndrey Andreev1-4/+22
2016-03-22[ci skip] Fix CI_VERSIONAndrey Andreev1-1/+1
2016-03-21[ci skip] Mark the start of 3.0.7 developmentAndrey Andreev1-1/+1
2016-03-21[ci skip] Prepare for 3.0.6 releaseAndrey Andreev1-1/+1
2016-03-11[ci skip] Mark the start of 3.0.6 developmentAndrey Andreev1-1/+1
2016-03-11[ci skip] Prepare for 3.0.5 releaseAndrey Andreev1-1/+1
2016-03-11Add a defensive check in CI_Loader::_ci_load()Andrey Andreev1-0/+8
2016-03-07Merge pull request #4472 from vibbow/patch-1Andrey Andreev1-1/+1
2016-03-07Fix #4475Andrey Andreev1-1/+8
2016-03-01[ci skip] Move flock() call in CI_Log::write_log() immediately after fopen()Andrey Andreev1-2/+2
2016-02-24Merge pull request #4480 from versalle88/developAndrey Andreev1-1/+1
2016-02-15Merge pull request #4453 from EpicKris/feature/Autoload-Driver-Object-NameAndrey Andreev1-6/+10
2016-02-09Merge pull request #4323 from jspreddy/sai/log_line_formatting_extensibility_...Andrey Andreev1-3/+20
2016-01-20[ci skip] Fix a documentation error on output cache timesAndrey Andreev1-1/+1
2016-01-13[ci skip] Mark the start of 3.0.5 developmentAndrey Andreev1-1/+1
2016-01-11[ci skip] Update ellislab.com links to https tooAndrey Andreev21-21/+21
2016-01-11[ci skip] Update codeigniter.com links to httpsAndrey Andreev21-42/+42
2016-01-11[ci skip] Bump year to 2016Andrey Andreev21-42/+42
2016-01-04Fix #4350Andrey Andreev1-1/+31
2015-12-07Merge pull request #4291 from b-kaxa/fix-phpdocAndrey Andreev2-1/+2
2015-11-24Use PHP7's random_bytes() when possibleAndrey Andreev1-0/+16
2015-11-09Merge pull request #4217 from natesilva/fix-ipv6-base_urlAndrey Andreev1-1/+10
2015-11-04[ci skip] Start of 3.0.4 developmentAndrey Andreev1-1/+1
2015-10-31[ci skip] Update changelog, version & upgrade instructionsAndrey Andreev1-1/+1
2015-10-31Prevent Host header injectionsAndrey Andreev1-4/+2
2015-10-31Harden xss_clean()Andrey Andreev1-27/+39
2015-10-30Fix #3201Andrey Andreev1-1/+6
2015-10-12[ci skip] This is 3.0.3-devAndrey Andreev1-1/+1
2015-10-08[ci skip] Prepare 3.0.2 releaseAndrey Andreev1-1/+1
2015-10-05Some more intrusive XSS cleaningAndrey Andreev1-5/+11
2015-10-02More XSS stuffAndrey Andreev1-1/+1
2015-09-24Fix #4137Andrey Andreev1-1/+1
2015-09-21More XSS stuffAndrey Andreev1-3/+3
2015-09-17Don't allow open-ended tags to pass through xss_clean()Andrey Andreev1-4/+9
2015-09-17Refactor 'evil attributes' sanitization logicAndrey Andreev1-92/+66
2015-09-15Missing character in the evil attributes patternAndrey Andreev1-1/+1
2015-09-14Another addition to tag detection patterns in xss_clean()Andrey Andreev1-1/+4
2015-09-14Close #4098Andrey Andreev1-2/+18
2015-09-14Fix #4109Andrey Andreev1-20/+22
2015-09-14Add 'eval' to a JS blacklist in xss_clean()Andrey Andreev1-7/+10
2015-09-14Move _remove_evil_attributes() callAndrey Andreev1-4/+3
2015-09-11Harden xss_clean() moreAndrey Andreev1-5/+37
2015-09-11Improve on previous commitAndrey Andreev1-1/+1
2015-09-11Replace the latest XSS patchesAndrey Andreev1-9/+21