Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2014-02-07 | Merge branch 'develop' into 'feature/user-guide-cleanup' | Andrey Andreev | 11 | -19/+41 | |
2014-02-07 | Merge branch 'develop' into feature/encryption | Andrey Andreev | 3 | -4/+3 | |
2014-02-07 | Use is_really_writable() in captcha helper | Andrey Andreev | 1 | -1/+1 | |
2014-02-07 | Use is_really_writable() in get_file_info() | Andrey Andreev | 1 | -2/+1 | |
2014-02-07 | CI_Encryption: Optimizations and test cases | Andrey Andreev | 1 | -26/+18 | |
2014-02-06 | Typo Fix | Vivek Dinesh | 1 | -1/+1 | |
Signed-off-by: Vivek Dinesh <vivekdinesh5@gmail.com> | |||||
2014-02-06 | Merge changes from develop | Andrey Andreev | 2 | -2/+10 | |
2014-02-06 | Make CI_Session's HMAC comparison time-attack-safe | Andrey Andreev | 1 | -1/+9 | |
2014-02-06 | CI_Encryption: CAST-128/CAST5 and RC4/ARCFour compatibility | Andrey Andreev | 1 | -15/+50 | |
2014-02-06 | CI_Encryption: Time-attack-safe HMAC verification | Andrey Andreev | 1 | -4/+18 | |
2014-02-05 | Fix #2856 | Andrey Andreev | 1 | -1/+1 | |
2014-02-05 | CI_Encryption: HMAC to not be derived from the encryption key | Andrey Andreev | 1 | -58/+56 | |
2014-02-05 | More CI_Encryption improvements | Andrey Andreev | 1 | -46/+6 | |
- Make OpenSSL the default driver if available (because MCrypt is stupid). - Require MCRYPT_DEV_URANDOM for the MCrypt availability check (because security; also, incidentally - it's faster that way ;)). | |||||
2014-02-05 | CI_Encryption: More MCrypt/OpenSSL compatibility and get rid of the ↵ | Andrey Andreev | 1 | -17/+69 | |
MCRYPT_MODE_* constants | |||||
2014-02-05 | CI_Encryption: Add Blowfish to compatibility list | Andrey Andreev | 1 | -7/+11 | |
2014-02-05 | CI_Encryption: Work around MCrypt's dumb behavior in ECB mode | Andrey Andreev | 1 | -49/+65 | |
2014-02-05 | Merge branch 'develop' into feature/encryption | Andrey Andreev | 1 | -0/+5 | |
2014-02-05 | Integrate CI_Encryption into the framework | Andrey Andreev | 1 | -25/+30 | |
TODO: Add documentation in user_guide_src/source/libraries/encryption.rst | |||||
2014-02-04 | CI_Encryption: Remove ARCFour from aliased ciphers due ... | Andrey Andreev | 1 | -4/+2 | |
Seems like there are some issues with it | |||||
2014-02-04 | CI_Encryption: Fix more errors and add a 'portability' test case | Andrey Andreev | 1 | -17/+17 | |
2014-02-04 | Fix a logical error in CI_Encryption | Andrey Andreev | 1 | -3/+3 | |
2014-02-04 | CI_Encryption: Fix some errors and add unit tests for hkdf() | Andrey Andreev | 1 | -10/+10 | |
2014-02-04 | CI_Encryption improvements | Andrey Andreev | 1 | -99/+199 | |
- HMAC authentication by default. - HKDF support. - Reduce code repetition. | |||||
2014-02-03 | [ci skip] Update info on function_usable | Andrey Andreev | 1 | -0/+5 | |
2014-02-03 | Introducing CI_Encryption (a CI_Encrypt replacement) | Andrey Andreev | 1 | -0/+718 | |
2014-01-30 | Previous 2 commits were just dumb | Andrey Andreev | 2 | -3/+3 | |
2014-01-30 | Fix a syntax error from last commit | Andrey Andreev | 1 | -1/+1 | |
2014-01-30 | Some fail-safe pdo_pgsql adjustments | Andrey Andreev | 2 | -2/+7 | |
2014-01-28 | Fix #2845 | Andrey Andreev | 1 | -1/+1 | |
2014-01-28 | Fix #2844 | Andrey Andreev | 1 | -1/+1 | |
2014-01-25 | Add <math> to 'naughty' HTML elements | Andrey Andreev | 1 | -1/+1 | |
2014-01-25 | Previous commit caused side effects ... | Andrey Andreev | 1 | -2/+2 | |
2014-01-25 | Fix CI_Security::_remove_evil_attributes() being way too aggressive | Andrey Andreev | 1 | -2/+2 | |
2014-01-25 | Re-add 'on\w*' to evil attributes (rel #2667) | Andrey Andreev | 1 | -2/+1 | |
2014-01-25 | Partially fix #2667 | Andrey Andreev | 1 | -2/+8 | |
2014-01-24 | Merge branch 'develop' into feature/user-guide-cleanup | Andrey Andreev | 2 | -3/+6 | |
2014-01-24 | [ci skip] Add a link to PHP bug 54709 in is_really_writable()'s docblock | Andrey Andreev | 1 | -0/+1 | |
2014-01-24 | CI_Security: Also add <svg> to 'naughty' HTML elements | Andrey Andreev | 1 | -1/+1 | |
2014-01-24 | CI_Security: Add <select> and <keygen> tags to the list of 'naughty' HTML ↵ | Andrey Andreev | 1 | -1/+1 | |
elements | |||||
2014-01-24 | Fix syntax errors | Andrey Andreev | 1 | -2/+2 | |
2014-01-24 | CI_Security: Add 'form' and 'xlink:href' to evil attributes | Andrey Andreev | 1 | -1/+1 | |
2014-01-24 | Add &newline; and &tab; to CI_Security:: | Andrey Andreev | 1 | -1/+3 | |
2014-01-24 | Merge branch 'develop' into feature/user-guide-cleanup | Andrey Andreev | 11 | -72/+242 | |
2014-01-24 | Righting a wrong in the Session library | Andrey Andreev | 2 | -41/+50 | |
- Change userdata(), flashdata(), tempdata() to return all the respective data when no parameter is passed. - Revert the addition of all_flashdata(). - Deprecate all_userdata(). - Fix related changelog entries that were all inconsistent. | |||||
2014-01-24 | [ci skip] AND -> && | Andrey Andreev | 1 | -1/+1 | |
2014-01-23 | Fix #2836 | Andrey Andreev | 1 | -1/+1 | |
2014-01-22 | CI_Security::_decode_entity() to replace dangerous HTML5 entities | Andrey Andreev | 1 | -1/+19 | |
Related to issue #2771 | |||||
2014-01-21 | Add <button> to the list of 'naugthy' html elements in CI_Security::xss_clean() | Andrey Andreev | 1 | -2/+2 | |
2014-01-21 | Merge branch 'feature/dbforge_table_attributes' into develop | Andrey Andreev | 4 | -23/+103 | |
2014-01-21 | SQLSRV improvements | Andrey Andreev | 2 | -3/+66 | |
Mainly for performance (issue #2474), but also added a 'scrollable' configuration flag and auto-detection for SQLSRV_CURSOR_CLIENT_BUFFERED (only available since SQLSRV 3). |