From f82e51cd8f46b112c3c400d43db9044854a8e805 Mon Sep 17 00:00:00 2001
From: Greg Aker <greg.aker@ellislab.com>
Date: Wed, 14 Apr 2010 19:33:50 -0500
Subject: Update to File Upload library to return boolean on do_xss_clean().

---
 user_guide/changelog.html                | 1 +
 user_guide/libraries/file_uploading.html | 6 ++++++
 2 files changed, 7 insertions(+)

(limited to 'user_guide')

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 5e0f5ae05..25b3b1744 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -93,6 +93,7 @@ Hg Tag: </p>
 			<li>The <a href="libraries/unit_testing.html">Unit Test Class</a> now has an optional "notes" field available to it, and allows for discrete display of test result items using <kbd>$this->unit->set_test_items()</kbd>.</li>
 			<li>Added a <kbd>$xss_clean</kbd> class variable to the XMLRPC library, enabling control over the use of the Security library's <kbd>xss_clean()</kbd> method.</li>
 			<li>Added a <kbd>download()</kbd> method to the <a href="libraries/ftp.html">FTP library</a></li>
+			<li>Changed <kbd>do_xss_clean()</kbd> to return FALSE if the uploaded file fails XSS checks.</li> 
 		</ul>
 	</li>
 	<li>Database
diff --git a/user_guide/libraries/file_uploading.html b/user_guide/libraries/file_uploading.html
index d143f5b6e..061d55627 100644
--- a/user_guide/libraries/file_uploading.html
+++ b/user_guide/libraries/file_uploading.html
@@ -318,6 +318,12 @@ $this->upload->initialize($config);</code>
 <td class="td">TRUE/FALSE (boolean)</td>
 <td class="td">If set to TRUE, any spaces in the file name will be converted to underscores. This is recommended.</td>
 </tr>
+<tr>
+<td class="td"><strong>xss_clean</strong></td>
+<td class="td">FALSE</td>
+<td class="td">TRUE/FALSE (boolean)</td>
+<td class="td">If set to TRUE, the files will be tested for XSS vulnerabilities.</td> 
+</tr>
 </table>
 
 
-- 
cgit v1.2.3-24-g4f1b