summaryrefslogtreecommitdiffstats
path: root/system/core
AgeCommit message (Collapse)AuthorFilesLines
2016-08-29Merge pull request #4785 from guitarrist/developAndrey Andreev1-1/+1
[ci skip] Fix a comment typo
2016-08-23Merge pull request #4781 from tianhe1986/develop_hash_pbkdf2Andrey Andreev1-1/+1
Hash: processing algorithm name case-insensitively in hash_pbkdf2()
2016-08-22Merge pull request #4780 from tianhe1986/develop_standard_hex2binAndrey Andreev1-1/+1
[ci skip] Trigger error for "resource" type in hex2bin() inputs
2016-08-19Merge pull request #4777 from tianhe1986/develop_error_handlerAndrey Andreev1-1/+1
Add E_PARSE to errors detected by shutdown handler
2016-07-28[ci skip] Use const keyword to define CI_VERSIONAndrey Andreev1-1/+1
Because.
2016-07-28Remove dead code written for PHP 5.2Andrey Andreev4-219/+3
2016-07-26[ci skip] Mark the start of 3.1.1 developmentAndrey Andreev1-1/+1
2016-07-26Prepare for 3.1.0 releaseClaudio Galdiolo1-1/+1
2016-07-25Merge pull request #4725 from tianhe1986/develop_url_encode_case_insensitiveAndrey Andreev1-2/+2
Fix remove_invisible_characters() for URL-encoded characters in upper case
2016-07-25Merge pull request #4724 from tianhe1986/develop_is_https_strtolowerAndrey Andreev1-1/+1
Compare X-Forwarded-Proto case-insensitively
2016-07-19Fix #4679Andrey Andreev1-2/+2
2016-05-20Merge pull request #4638 from kasimtan/phpdoc_fixesAndrey Andreev4-4/+4
[ci skip] Fixed PHPDoc parameter name and type discrepancies
2016-04-28Fix #4605Andrey Andreev1-6/+3
2016-04-04Fix #4563Andrey Andreev1-12/+14
2016-03-22random_bytes()-related improvementsAndrey Andreev1-4/+22
See #4260
2016-03-22[ci skip] Fix CI_VERSIONAndrey Andreev1-1/+1
2016-03-21[ci skip] Mark the start of 3.0.7 developmentAndrey Andreev1-1/+1
2016-03-21[ci skip] Prepare for 3.0.6 releaseAndrey Andreev1-1/+1
2016-03-11[ci skip] Mark the start of 3.0.6 developmentAndrey Andreev1-1/+1
2016-03-11[ci skip] Prepare for 3.0.5 releaseAndrey Andreev1-1/+1
2016-03-11Add a defensive check in CI_Loader::_ci_load()Andrey Andreev1-0/+8
Prevents possible internal variable overwrites when loading views
2016-03-07Merge pull request #4472 from vibbow/patch-1Andrey Andreev1-1/+1
[ci skip] Update get_instance() return type in docblock
2016-03-07Fix #4475Andrey Andreev1-1/+8
2016-03-01[ci skip] Move flock() call in CI_Log::write_log() immediately after fopen()Andrey Andreev1-2/+2
2016-02-24Merge pull request #4480 from versalle88/developAndrey Andreev1-1/+1
Changed class_exists() calls to ignore __autoload()
2016-02-15Merge pull request #4453 from EpicKris/feature/Autoload-Driver-Object-NameAndrey Andreev1-6/+10
Autoload Driver Object Names
2016-02-09Merge pull request #4323 from ↵Andrey Andreev1-3/+20
jspreddy/sai/log_line_formatting_extensibility_change Refactored CI_Log line formatting to allow extensibility
2016-01-20[ci skip] Fix a documentation error on output cache timesAndrey Andreev1-1/+1
2016-01-13[ci skip] Mark the start of 3.0.5 developmentAndrey Andreev1-1/+1
2016-01-11[ci skip] Update ellislab.com links to https tooAndrey Andreev21-21/+21
2016-01-11[ci skip] Update codeigniter.com links to httpsAndrey Andreev21-42/+42
2016-01-11[ci skip] Bump year to 2016Andrey Andreev21-42/+42
2016-01-04Fix #4350Andrey Andreev1-1/+31
2015-12-07Merge pull request #4291 from b-kaxa/fix-phpdocAndrey Andreev2-1/+2
[ci skip] phpdoc adjustments in CI_Router and CI_URI
2015-11-24Use PHP7's random_bytes() when possibleAndrey Andreev1-0/+16
Close #4260
2015-11-09Merge pull request #4217 from natesilva/fix-ipv6-base_urlAndrey Andreev1-1/+10
Build base_url correctly if SERVER_ADDR is IPv6
2015-11-04[ci skip] Start of 3.0.4 developmentAndrey Andreev1-1/+1
2015-10-31[ci skip] Update changelog, version & upgrade instructionsAndrey Andreev1-1/+1
2015-10-31Prevent Host header injectionsAndrey Andreev1-4/+2
2015-10-31Harden xss_clean()Andrey Andreev1-27/+39
2015-10-30Fix #3201Andrey Andreev1-1/+6
2015-10-12[ci skip] This is 3.0.3-devAndrey Andreev1-1/+1
2015-10-08[ci skip] Prepare 3.0.2 releaseAndrey Andreev1-1/+1
2015-10-05Some more intrusive XSS cleaningAndrey Andreev1-5/+11
2015-10-02More XSS stuffAndrey Andreev1-1/+1
2015-09-24Fix #4137Andrey Andreev1-1/+1
2015-09-21More XSS stuffAndrey Andreev1-3/+3
2015-09-17Don't allow open-ended tags to pass through xss_clean()Andrey Andreev1-4/+9
This was a regression caused by the previous commit
2015-09-17Refactor 'evil attributes' sanitization logicAndrey Andreev1-92/+66
Turned out pretty much impossible to do remove 'evil attributes' with just one pattern - it either breaks something else, hits pcre.backtrack_limit or causes PHP to segfault. No benchmarks made, but there shouldn't be any performance regressions since we're now trying to strip attributes only after it is determined that they are inside a tag; up until now this was done seprately for _sanitize_naughty_html() and _remove_evil_attributes().
2015-09-15Missing character in the evil attributes patternAndrey Andreev1-1/+1
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-07-04 14:01:11 +0200