Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
when an empty string is attempted to be used as an encryption key
|
|
config file, for additional assurance that session manipulation can be prevented
|
|
operations when using the GD lib.
|
|
|
|
the CI lang file from loading. Fixes #473
|
|
successful POST
|
|
Adding CSRF token into form open()
|
|
were used as the allowed_types.
|
|
|
|
|
|
setting their values to FALSE in the pagination library.
|
|
Upload library.
|
|
|
|
variables, fixes #42
|
|
|
|
|
|
a Zip archive.
|
|
|
|
|
|
|
|
libraries. Fixes #35
|
|
5fe3b04bdf44 to standardize input
|
|
will remove any wrapping \ and "
|
|
guidelines
|
|
on an allowed filetype list in the wrong order: http://codeigniter.com/bug_tracker/bug/11552/
|
|
error. Not noted in changelog, as I figure it's covered by the original note about adding xss clean at all.
|
|
|
|
due to a function being moved from the input to security class.
Moving remove_invisible_characters() to Common.php so the entire class does not need to be instantiated in those database drivers.
|
|
Form_validation going forward!
Removed references to the validation classes documentation page in the changelog as well.
|
|
http://codeigniter.com/bug_tracker/bug/11556/
|
|
|
|
in input when the global XSS filter is enabled
|
|
the Session class
|
|
proposed in 2007, can we add it now pleeeeease?
|
|
creation dates of 1980. Hat tip to JMous for a suggested fix on the forums.
|
|
to mirror EE2.
|
|
over the use of the Security library's xss_clean() method.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|