Age | Commit message (Collapse) | Author | Files | Lines |
|
false positive matches
|
|
such as locatiON, cONtent, etc.
|
|
|
|
rawurldecode() the string, there's no need to go looking for url encoded characters here
|
|
method
|
|
helper (hotfix for 1.6.3)
|
|
directory.
|
|
|
|
|
|
Bytes use whole numbers (123.0 bytes is just silly)
|
|
comparison
|
|
that using xss_clean() on image files might trigger
|
|
|
|
the Language class.
|
|
Documented get() in the Input class.
|
|
|
|
|
|
|
|
|
|
|
|
changed to FALSE
|
|
|
|
|
|
|
|
arrays or strings as arguments.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
with (and require users to do the same) with a blacklist.
|
|
handlers for removal
|
|
multi-column non-primary keys in table creation
|
|
|
|
Removed some unused variables from the code (#4563).
Fixed a bug where having() was not adding an = into the statement (#4568).
|
|
entities and href=data:url exploits
|
|
|
|
detected or explicitly declared.
|
|
HTML tags, and the HTML5 event handlers onerror and onended
|
|
|
|
|
|
|
|
tiny memory and speed improvement.
|
|
|
|
sent with utf-7 encoding
|
|
vectors particular to the Opera family of browsers
|
|
variable.
|