summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Expand)AuthorFilesLines
2015-10-02More XSS stuffAndrey Andreev1-1/+1
2015-09-29Merge pull request #4126 from zoaked/patch-1Andrey Andreev1-1/+0
2015-09-24Fix #4137Andrey Andreev1-1/+1
2015-09-21More XSS stuffAndrey Andreev1-3/+3
2015-09-17Don't allow open-ended tags to pass through xss_clean()Andrey Andreev1-4/+9
2015-09-17Refactor 'evil attributes' sanitization logicAndrey Andreev1-92/+66
2015-09-16Fix #4116Andrey Andreev1-6/+6
2015-09-16Fix #4120Andrey Andreev1-3/+13
2015-09-15Missing character in the evil attributes patternAndrey Andreev1-1/+1
2015-09-14Another addition to tag detection patterns in xss_clean()Andrey Andreev1-1/+4
2015-09-14Close #4098Andrey Andreev1-2/+18
2015-09-14Fix #4032Andrey Andreev1-5/+8
2015-09-14Fix #4044Andrey Andreev1-5/+5
2015-09-14Fix #4109Andrey Andreev1-20/+22
2015-09-14Add 'eval' to a JS blacklist in xss_clean()Andrey Andreev1-7/+10
2015-09-14Move _remove_evil_attributes() callAndrey Andreev1-4/+3
2015-09-11Harden xss_clean() moreAndrey Andreev1-5/+37
2015-09-11Improve on previous commitAndrey Andreev1-1/+1
2015-09-11Replace the latest XSS patchesAndrey Andreev1-9/+21
2015-09-10Last commit didn't adjust a RE indexAndrey Andreev1-1/+1
2015-09-10Fix & extend 700619cebf75c4e4fcda6a2d7bea1afb84a029e4Andrey Andreev1-2/+2
2015-09-10Change form validation library to allow the pipe character within square brac...rich1-1/+1
2015-09-10Fix #4106Andrey Andreev1-2/+2
2015-09-07Remove unnecessary count() calls from _sanitize_globals()Andrey Andreev1-3/+3
2015-09-07Move csrf_verify() call out of _sanitize_globals()Andrey Andreev1-6/+6
2015-09-03Fix #4096Andrey Andreev1-1/+1
2015-09-01Fix #4093Andrey Andreev1-1/+1
2015-09-01There was an extra = sign in this fileMarco Monteiro1-1/+1
2015-08-31[ci skip] Fix #4091Andrey Andreev1-1/+1
2015-08-31Fix #4086Andrey Andreev1-13/+13
2015-08-31Fix #4073Andrey Andreev1-7/+16
2015-08-31Fix #4066Andrey Andreev2-18/+6
2015-08-20Fix #4065Andrey Andreev1-1/+1
2015-08-19[ci skip] Fix 'sqlsrv' connect failure endless loopAndrey Andreev1-7/+8
2015-08-17Allow capitals in the middle of model namesAndrey Andreev1-1/+1
2015-08-15Fix #4056Andrey Andreev1-1/+1
2015-08-14Fix #4052Andrey Andreev1-20/+0
2015-08-13Fix typo in commentsClaudio Galdiolo1-1/+1
2015-08-07[ci skip] Partial patch for #2284Andrey Andreev1-2/+5
2015-08-07[ci skip] Start of 3.0.2-devAndrey Andreev1-1/+1
2015-08-07Fix #4023Andrey Andreev1-1/+1
2015-08-07Fix ReDoS-bug in string_helper.phpKevin Morssink1-1/+1
2015-08-05Fix #4026Andrey Andreev1-1/+4
2015-08-05Reduce once $config['query_toggle_count'] checkingbjjay1-6/+0
2015-08-05Fix #4027Andrey Andreev1-8/+12
2015-08-03Fix #4015Andrey Andreev1-1/+2
2015-08-03[ci skip] Normalize tabs/spacesAndrey Andreev9-18/+18
2015-07-31Fix #4012Andrey Andreev1-1/+4
2015-07-29Fix a 'counter-#3989' bugAndrey Andreev1-5/+15
2015-07-28Fix #4005Andrey Andreev1-1/+1
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-11-01 10:21:22 +0100