From 29e12641a1bb952f493462db6757ae12c7da1f2c Mon Sep 17 00:00:00 2001
From: Andrey Andreev
Date: Mon, 10 Feb 2014 13:24:44 +0200
Subject: CI_Security: URL-decode until possible
---
 system/core/Security.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'system/core')
diff --git a/system/core/Security.php b/system/core/Security.php
index 75c994ae1..beb7f56e0 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -359,7 +359,11 @@ class CI_Security {
 *
 * Note: Use rawurldecode() so it does not remove plus signs
 */
- $str = rawurldecode($str);
+ do
+ {
+ $str = rawurldecode($str);
+ }
+ while (preg_match('/%[0-9a-f]{2,}/i', $str));
 
 /*
 * Convert character entities to ASCII
-- 
cgit v1.2.3-24-g4f1b
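Review bot: The added `do … while` loop has no upper bound on passes, and each `rawurldecode()` call removes only one encoding layer, so for request-supplied input the work grows with both string length and nesting depth (it does terminate, because every further pass shortens the string). Consider a pass counter, `$passes = 0;` before the loop and `while (++$passes < $max_passes && preg_match('/%[0-9a-f]{2}/i', $str));` as the condition, and treat input that is still encoded at the limit as rejected rather than passing it on half-decoded. The `{2,}` quantifier is equivalent to `{2}` for an existence test, so it can be simplified. The comment block above the loop still describes a single decode; a line such as `// Repeat until no %XX sequence remains, so nested encodings do not survive one pass` would record why the loop exists. The enclosing method starts and ends outside this hunk, so how `$str` is used after decoding is not visible here.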