summaryrefslogtreecommitdiffstats
path: root/system/core
AgeCommit message (Expand)AuthorFilesLines
2016-01-11Merge branch '3.0-stable' into developAndrey Andreev21-42/+42
2016-01-11[ci skip] Bump year to 2016Andrey Andreev21-42/+42
2016-01-11Merge branch '3.0-stable' into developAndrey Andreev1-1/+31
2016-01-04Fix #4350Andrey Andreev1-1/+31
2015-12-14Merge branch '3.0-stable' into developAndrey Andreev1-0/+16
2015-12-07Merge pull request #4291 from b-kaxa/fix-phpdocAndrey Andreev2-1/+2
2015-12-07replace spaces with tabsb-kaxa1-1/+1
2015-12-06fix phpdocb-kaxa2-1/+2
2015-11-24Use PHP7's random_bytes() when possibleAndrey Andreev1-0/+16
2015-11-09Merge pull request #4217 from natesilva/fix-ipv6-base_urlAndrey Andreev1-1/+10
2015-11-06Minor formatting: add empty line after else closeNate Silva1-0/+1
2015-11-06Tweak to match CI coding styleNate Silva1-1/+1
2015-11-06Simpler way to detect an IPv6 address (strpos)Nate Silva1-1/+1
2015-11-05Build base_url correctly if SERVER_ADDR is IPv6Nate Silva1-1/+9
2015-11-04Merge branch '3.0-stable' into developAndrey Andreev3-32/+47
2015-11-04[ci skip] Start of 3.0.4 developmentAndrey Andreev1-1/+1
2015-10-31[ci skip] Update changelog, version & upgrade instructionsAndrey Andreev1-1/+1
2015-10-31Prevent Host header injectionsAndrey Andreev1-4/+2
2015-10-31Harden xss_clean()Andrey Andreev1-27/+39
2015-10-30Fix #3201Andrey Andreev1-1/+6
2015-10-12Merge branch '3.0-stable' into developAndrey Andreev6-111/+163
2015-10-12[ci skip] This is 3.0.3-devAndrey Andreev1-1/+1
2015-10-08[ci skip] Prepare 3.0.2 releaseAndrey Andreev1-1/+1
2015-10-05Some more intrusive XSS cleaningAndrey Andreev1-5/+11
2015-10-02More XSS stuffAndrey Andreev1-1/+1
2015-09-24Fix #4137Andrey Andreev1-1/+1
2015-09-21More XSS stuffAndrey Andreev1-3/+3
2015-09-17Don't allow open-ended tags to pass through xss_clean()Andrey Andreev1-4/+9
2015-09-17Refactor 'evil attributes' sanitization logicAndrey Andreev1-92/+66
2015-09-15Missing character in the evil attributes patternAndrey Andreev1-1/+1
2015-09-14Another addition to tag detection patterns in xss_clean()Andrey Andreev1-1/+4
2015-09-14Close #4098Andrey Andreev1-2/+18
2015-09-14Fix #4109Andrey Andreev1-20/+22
2015-09-14Add 'eval' to a JS blacklist in xss_clean()Andrey Andreev1-7/+10
2015-09-14Move _remove_evil_attributes() callAndrey Andreev1-4/+3
2015-09-11Harden xss_clean() moreAndrey Andreev1-5/+37
2015-09-11Improve on previous commitAndrey Andreev1-1/+1
2015-09-11Replace the latest XSS patchesAndrey Andreev1-9/+21
2015-09-10Last commit didn't adjust a RE indexAndrey Andreev1-1/+1
2015-09-10Fix & extend 700619cebf75c4e4fcda6a2d7bea1afb84a029e4Andrey Andreev1-2/+2
2015-09-10Fix #4106Andrey Andreev1-2/+2
2015-09-07Remove unnecessary count() calls from _sanitize_globals()Andrey Andreev1-3/+3
2015-09-07Move csrf_verify() call out of _sanitize_globals()Andrey Andreev1-6/+6
2015-08-17Allow capitals in the middle of model namesAndrey Andreev1-1/+1
2015-08-15Fix #4056Andrey Andreev1-1/+1
2015-08-14Merge branch '3.0-stable' into developAndrey Andreev1-20/+0
2015-08-14Fix #4052Andrey Andreev1-20/+0
2015-08-13Fix typo in commentsClaudio Galdiolo1-1/+1
2015-08-13Fix typo in commentsClaudio Galdiolo1-1/+1
2015-08-07[ci skip] Start of 3.1.0-devAndrey Andreev1-1/+1