| Age | Commit message (Expand) | Author | Files | Lines |
|---|
| 2010-01-05 | updated copyrights | Derek Jones | 1 | -1/+1 |
| 2009-11-05 | added hyphens to allowed characters in GET keys and vals in submitted URLs in... | Derek Jones | 1 | -1/+1 |
| 2009-07-10 | Fixed a case sensitive string replacement, simplified redundant string replac... | Derek Jones | 1 | -2/+2 |
| 2009-04-22 | updated copyrights to 2009 | Derek Jones | 1 | -1/+1 |
| 2009-02-05 | ... replaced $CFG->item() with config_item() | Derek Jones | 1 | -4/+2 |
| 2009-02-05 | replaced $this->config-> with $CFG-> in ip_address() | Derek Jones | 1 | -2/+4 |
| 2009-02-04 | added proxy_ips config item to whitelist reverse proxy servers to use the HTT... | Derek Jones | 1 | -2/+9 |
| 2009-02-04 | improvements to xss_clean() | Derek Jones | 1 | -5/+6 |
| 2008-12-05 | fixed a bug where whitespace would be lost if a string was forced into a char... | Derek Jones | 1 | -1/+1 |
| 2008-11-13 | Changing EOL style to LF | Derek Allard | 1 | -1058/+1058 |
| 2008-11-12 | Propset eol-style to CRLF | Derek Jones | 1 | -1058/+1058 |
| 2008-11-05 | whitespace | Derek Allard | 1 | -1058/+1058 |
| 2008-10-17 | syntax simplification for testing first character of string | Derek Jones | 1 | -1/+1 |
| 2008-10-17 | added validation of IP segments to make sure they aren't empty, e.g. 127.0..1 | Derek Jones | 1 | -1/+1 |
| 2008-10-17 | removed a global | Rick Ellis | 1 | -1/+1 |
| 2008-10-07 | syntax error | Derek Jones | 1 | -1/+1 |
| 2008-10-07 | unset $Version, $Path, and $Domain cookie keys, to prevent Disallowed Key Cha... | Derek Jones | 1 | -0/+8 |
| 2008-09-13 | (no commit message) | Rick Ellis | 1 | -1/+1 |
| 2008-09-04 | removed random invisible character (ASCII 194) from HTML and PHP files | Derek Jones | 1 | -3/+3 |
| 2008-08-27 | added isindex to the list of naughty never allowed tags in xss_clean() | Derek Jones | 1 | -1/+1 |
| 2008-08-27 | modified regex for image tag sanitization to retain trailing space and closin... | Derek Jones | 1 | -1/+1 |
| 2008-08-15 | changed entity standardization to require at least two characters after an am... | Derek Jones | 1 | -1/+1 |
| 2008-07-03 | re-included URL encoded characters within _remove_invisible_characters() whic... | Derek Jones | 1 | -1/+3 |
| 2008-07-03 | changed link and image regex to be more precise in matching tags, reducing fa... | Derek Jones | 1 | -3/+3 |
| 2008-07-01 | Changed regex for onfoo event handlers to prevent unwanted matching of text s... | Derek Jones | 1 | -4/+4 |
| 2008-06-30 | whitespace | Derek Jones | 1 | -1/+0 |
| 2008-06-30 | simplified regex for _remove_invisible_characters() - since we rawurldecode()... | Derek Jones | 1 | -5/+4 |
| 2008-06-25 | fixed accidental removal of $converted_string in xss_clean() for image compar... | Derek Jones | 1 | -0/+5 |
| 2008-06-25 | added a bit of leeway for images to avoid the more common false-positives tha... | Derek Jones | 1 | -2/+11 |
| 2008-06-25 | Further improvements to xss_clean() | Derek Jones | 1 | -47/+83 |
| 2008-06-20 | Added get_post() to the Input class. | Derek Allard | 1 | -0/+22 |
| 2008-06-04 | picky picky Jones adjusts some syntax | Derek Jones | 1 | -2/+1 |
| 2008-06-04 | a few tweaks for speed | Derek Allard | 1 | -3/+4 |
| 2008-06-04 | simplified and refactored input filtering and retrieval | Derek Jones | 1 | -97/+32 |
| 2008-06-04 | emendation to on* event handler removal | Derek Jones | 1 | -3/+2 |
| 2008-05-30 | decided just to kill all on*= event handlers, rather than trying to keep up w... | Derek Jones | 1 | -2/+2 |
| 2008-05-30 | moved word compacting to a callback for clarity, added a few js event handler... | Derek Jones | 1 | -3/+20 |
| 2008-05-21 | more complete protection against malformed link tags to protect against hex e... | Derek Jones | 1 | -13/+25 |
| 2008-05-20 | improved security in xss_clean(), added <audio> and <video> tags to naughty H... | Derek Jones | 1 | -22/+14 |
| 2008-05-15 | addition xss protection against certain data urls, stripping of anything sent... | Derek Jones | 1 | -2/+12 |
| 2008-05-15 | added ability to use xss_clean() to test images, and improved security for ve... | Derek Jones | 1 | -37/+49 |
| 2008-05-13 | Hey you! Yeah, you, that other set of hardcoded arrays in xss_clean(). You'... | Derek Jones | 1 | -21/+3 |
| 2008-05-13 | increased security and performance of xss_clean(), added _sanitize_naughty_ht... | Derek Jones | 1 | -24/+56 |
| 2008-05-13 | Some sweeping syntax changes for consistency: | Derek Jones | 1 | -15/+21 |
| 2008-05-12 | fixed a misspelling in the Input library of CDATA | Derek Allard | 1 | -1/+1 |
| 2008-05-12 | removed an ereg from config | Derek Allard | 1 | -110/+112 |
| 2008-05-12 | Added protection in xss_clean() for GET variables in URLs | Derek Jones | 1 | -3/+55 |
| 2008-05-11 | Removed closing PHP tags, replaced with a comment block identifying the end o... | Derek Jones | 1 | -1/+3 |
| 2008-05-11 | Undoing change committed in r1115 | Derek Jones | 1 | -0/+1 |
| 2008-05-11 | removed closing PHP tag from all framework files | Derek Jones | 1 | -1/+0 |
