From 53437de1f94dd4c0ab270f0c6d2309344d323d9e Mon Sep 17 00:00:00 2001
From: Derek Jones <derek.jones@ellislab.com>
Date: Mon, 12 May 2008 18:07:08 +0000
Subject: Added protection in xss_clean() for GET variables in URLs

http://codeigniter.com/bug_tracker/bug/4167/
---
 user_guide/changelog.html | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'user_guide')

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index de579f1ac..c7e48d855 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -109,6 +109,7 @@ SVN Commit: not currently released</p>
 	<li>Other
 		Changes
 		<ul>
+			<li>Added ability for <a href="libraries/input.html">xss_clean()</a> to accept arrays.</li>
 			<li>Removed closing PHP tags from all PHP files to avoid accidental output and potential 'cannot modify headers' errors.</li>
 			<li>Added a <a href="general/reserved_names.html">Reserved Names</a> page to the userguide, and migrated reserved controller names into it.</li>
 			<li>Added a <a href="general/common_functions.html">Common Functions</a> page to the userguide for globally available functions.</li>
@@ -128,6 +129,7 @@ SVN Commit: not currently released</p>
 	<li>Fixed an AR_caching error where it wasn't tracking table aliases (#3463).</li>
 	<li>Fixed a bug in AR compiling, where select statements with arguments got incorrectly escaped (#3478).</li>
 	<li>Fixed an AR bug with or_where_not_in() (#4171).</li>
+	<li>Fixed a bug with <a href="libraries/input.html">xss_clean()</a> that would add semicolons to GET URI variable strings.</li>
 	<li>Fixed a bug in the FTP library where delete_dir() was not working recursively (#4215).</li>
 	<li>Fixed a Validation bug when set_rules() is used with a non-array field name and rule (#4220).</li>
 	<li>Fixed a bug in the Upload library that might output the same error twice (#4390).</li>
-- 
cgit v1.2.3-24-g4f1b