Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
This was a regression caused by the previous commit
|
|
Turned out pretty much impossible to do remove 'evil attributes'
with just one pattern - it either breaks something else, hits
pcre.backtrack_limit or causes PHP to segfault.
No benchmarks made, but there shouldn't be any performance
regressions since we're now trying to strip attributes only
after it is determined that they are inside a tag; up until
now this was done seprately for _sanitize_naughty_html()
and _remove_evil_attributes().
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This time eliminate false positives for the
'naughty html' logic.
|
|
|
|
This one fixes yet another issue, is cleaner and faster.
|
|
|
|
|
|
|
|
foreach() just won't execute for an empty array,
it does that check internally.
|
|
It doesn't belong in there.
|
|
Requested in #4059
|
|
|
|
The bug actually had two instances:
- Callback routes with literal matches and HTTP verbs has never worked
- The reported issue in #4052, which is a regression introduced in 3.0.1
with abc299b3a234eb7da1b7e3d257b7eba2da649219
Removed the literal matches logic altogether to avoid similar issues
in the future and reduce code complexity. The same logic is performed
with the regular expressions logic.
|
|
|
|
|
|
|
|
Partial changes from PR #4016
|
|
|
|
|
|
|
|
#3991 shows that all such checks are useless as function_exists('eval')
will always return FALSE.
|
|
Helps debugging in case of controller/model/library class name collision.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Typically, in most cases, we do not need to cache all the Query String variables. That's why I suggest to improve `Cache Include Query String` behaviour — allow the developer to independently specify which variables should be cached.
For example, consider a query to the following URL address:
http://site.com/search?q=query&page=2&session=abcd&utm_source=web
In this case we don't need to build md5 hash for entire query string, because `session` or `utm_source` can be different for all users. The only variables which should be used for md5 hash should be `q` and `page`. Thus, in `config.php` we can use `$config['cache_query_string'] = array('page', 'q');`.
So:
`$config['cache_query_string'] = FALSE;` → Cache Include Query String is disabled
`$config['cache_query_string'] = TRUE;` → Cache Include Query String is enabled for all
`$config['cache_query_string'] = array('page', 'q');` → enabled only for specified variables
|
|
According to documentation, to manually delete cache for page "/foo/bar" we should run $this->output->delete_cache('/foo/bar'), but in this case MD5 hash will be calculated for "http://site.com//foo/bar" and this is why, we should pass $uri without beginning slash (ie, "foo/bar"). But the problem is that there is no way to delete cache for home page because:
1) $this->output->delete_cache('/') — MD5 hash will be calculated for "http://site.com//" and cache file will not be deleted.
2) $this->output->delete_cache('') — MD5 hash will be calculated for "http://site.com/%CURRENT_PAGE%" and again, cache file will not be deleted.
Trimming the beginning slash, we enable ability to delete cache for home page by calling $this->output->delete_cache('/'). Also, this method will work as specified in the documentation.
|
|
|
|
|
|
|
|
https://github.com/bcit-ci/CodeIgniter/pull/3748#issuecomment-90925762
|
|
|
|
Close #3734
|
|
|