78e1b70e35b45455728e4126ed1b19d6332ad26b - code-igniter-v3-giggi

commit	78e1b70e35b45455728e4126ed1b19d6332ad26b	[log] [tgz]
author	rajatsharma94 <rajat.shrma94@gmail.com>	Mon Jul 20 22:49:56 2015 +0530
committer	rajatsharma94 <rajat.shrma94@gmail.com>	Mon Jul 20 22:49:56 2015 +0530
tree	082167986d5cfe0e42d13414c3db0ad603eb8495
parent	08b9f20df1c108be5c1ab8b32c0fcbed31a079b3 [diff]

Failed security check

The implemented security check to make sure the path is NOT a URL can easily be bypassed (gives false negative) for all subdomains. 
Eg "subdomain.domain.com" should ideally show an error but it does not.

The new security check tries to make a fsockopen connection to validate whether the URL is external or not.

system/helpers/path_helper.php[diff]

1 file changed

tree: 082167986d5cfe0e42d13414c3db0ad603eb8495

.gitattributes
.gitignore
.travis.yml
DCO.txt
application/
composer.json
contributing.md
index.php
license.txt
phpdoc.dist.xml
readme.rst
system/
tests/
user_guide_src/