1. 38e4a77 Merge branch 'issue227' of https://github.com/johnbellone/CodeIgniter into develop by Phil Sturgeon · 13 years ago
  2. 16f27b4 Changed order by John Bellone · 13 years ago
  3. 52c10b6 Making changes to stop remote spoofing by John Bellone · 13 years ago
  4. 4fbda2a881 Merge branch 'develop' of github.com:philsturgeon/codeigniter-reactor into develop by Phil Sturgeon · 13 years ago
  5. cda768a Added some docs to CI core files by David Behler · 13 years ago
  6. 9b5df59 Added some docs to CI core files by David Behler · 13 years ago
  7. fe1d45a Fixed conflicts. by Phil Sturgeon · 13 years ago
  8. c5dccf7 Get php_sapi_name() == 'cli' involved in the 'is this the command line?' decision. by Phil Sturgeon · 13 years ago
  9. 37f4b9c backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance by Derek Jones · 14 years ago
  10. 4b9c629 backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance by Derek Jones · 14 years ago
  11. 114ab09 Fixed double-space typo. by Razican · 14 years ago
  12. 14a0ac6 Moving security to core. by Pascal Kriete · 14 years ago
  13. 82f9b15 Standardized newlines even more extensively in Input class. by Phil Sturgeon · 14 years ago
  14. 9aa7dc9 Bugfix in foreach-loop ('name' must be last, as it also is the array's name); consistent handling for 'cookie_secure' config item by tobiasbg · 14 years ago
  15. 33ed0f3 Merged CodeIgniter Core changes and integrated rob1's secure cookie change into my secure cookie change. by Phil Sturgeon · 14 years ago
  16. d8d1e24 Secure cookies can now be made with the set_cookie() helper and Input Class method. by Phil Sturgeon · 14 years ago
  17. 44f2105 Input post() and get() will now return a full array if the first argument is not provided. by Phil Sturgeon · 14 years ago
  18. d98325d Automated merge with https://bitbucket.org/seandowney/codeigniter-reactor by Phil Sturgeon · 14 years ago
  19. 5d5895f Whitespace cleanup in core/ by Pascal Kriete · 14 years ago
  20. ff1cfa1 Updated the post method and added the new functionality to the get method also by vascopj · 14 years ago
  21. d6d9f45 Adding config option to require 'secure' setting for all cookies- requires https. by Robin Sowell · 14 years ago
  22. 0ba58b8 A change to pass all fields back if there are no fields passed into the "post" method. by vascopj · 14 years ago
  23. 3bb336c Automated merge with https://bitbucket.org/ellislab/codeigniter by Phil Sturgeon · 14 years ago
  24. aaec1e4 Renaming the unicode class to utf8 so we don't run the risk of violating the Unicode Consortium's trademark. by Pascal Kriete · 14 years ago
  25. c382871 Reverted regex validation while we re-think the implementation, and added ->input->is_cli_request(); by Phil Sturgeon · 14 years ago
  26. 0711dc8 Hey look, it's 2011 by Greg Aker · 14 years ago
  27. c808915 Implemented GET string support from Dan Horrigan and modified it slightly. Also tweaked his regex_match changes. by Phil Sturgeon · 14 years ago
  28. 65d603e Added full Query String and $_GET array support. This is enabled by default. Added a seperate config option to enable/disable the $_GET array. by Dan Horrigan · 14 years ago
  29. fd69489 Potential PHP 5.4 issue, get_magic_quotes_gpc() is being removed. This change will check the function exists before calling it in Input. by Phil Sturgeon · 14 years ago
  30. 2fae66e Fix #260 - tightening up the is_ajax_request() method in the Input class. Thanks sophistry for the suggestion by Greg Aker · 14 years ago
  31. 081ac9d Adding is_ajax_request() method to CI_Input by Greg Aker · 14 years ago
  32. ec2f571 Adding request_headers() and get_request_header() methods to the input class. The request_headers() method is helpful in non-apache environments where apache_request_headers() isn't going to exist. by Greg Aker · 14 years ago
  33. a926328 Changing all class constructors to __construct() by Greg Aker · 14 years ago
  34. 741de1c Updating PHP requirements in files 5.1.6 by Greg Aker · 14 years ago
  35. dd67197 Cleanup of stray spaces and tabs by Barry Mieny · 14 years ago
  36. 76b369e Changed a few strstr to strpos for consistency w performance guidelines and to mirror EE2. by Robin Sowell · 15 years ago
  37. 69fc4fc significant rewrite to Input class by Derek Jones · 15 years ago
  38. c68dfbf fixed EOF code comment file locations by Derek Jones · 15 years ago
  39. b97d21f moving core library files out of libraries into new core folder by Derek Jones · 15 years ago[Renamed from system/libraries/Input.php]
  40. 7f3719f updated copyrights by Derek Jones · 15 years ago
  41. e24f61a added hyphens to allowed characters in GET keys and vals in submitted URLs in xss_clean() by Derek Jones · 15 years ago
  42. 16d40d7 Fixed a case sensitive string replacement, simplified redundant string replacement by Derek Jones · 16 years ago
  43. fc395a1 updated copyrights to 2009 by Derek Jones · 16 years ago
  44. 42b2e17 ... replaced $CFG->item() with config_item() by Derek Jones · 16 years ago
  45. 97707cc replaced $this->config-> with $CFG-> in ip_address() by Derek Jones · 16 years ago
  46. c597228 added proxy_ips config item to whitelist reverse proxy servers to use the HTTP_X_FORWARDED_FOR header safely to determine the visitor's IP address by Derek Jones · 16 years ago
  47. 9959fed improvements to xss_clean() by Derek Jones · 16 years ago
  48. ab0e31f fixed a bug where whitespace would be lost if a string was forced into a character entity e.g. by Derek Jones · 16 years ago
  49. 2067d1a Changing EOL style to LF by Derek Allard · 16 years ago
  50. 85e65f6 Propset eol-style to CRLF by Derek Jones · 16 years ago
  51. 5f02da0 whitespace by Derek Allard · 16 years ago
  52. ff5d13b syntax simplification for testing first character of string by Derek Jones · 16 years ago
  53. dc50e11 added validation of IP segments to make sure they aren't empty, e.g. 127.0..1 by Derek Jones · 16 years ago
  54. 54d3ed6 removed a global by Rick Ellis · 16 years ago
  55. bfbe735 syntax error by Derek Jones · 16 years ago
  56. 98e2532 unset $Version, $Path, and $Domain cookie keys, to prevent Disallowed Key Characters from halting app execution on environments which improperly set these as keys by Derek Jones · 16 years ago
  57. d02b5bf by Rick Ellis · 16 years ago
  58. e0fc57b removed random invisible character (ASCII 194) from HTML and PHP files by Derek Jones · 16 years ago
  59. 0c734b5 added isindex to the list of naughty never allowed tags in xss_clean() by Derek Jones · 16 years ago
  60. 9dee6ec modified regex for image tag sanitization to retain trailing space and closing slash to remain valid XHTML by Derek Jones · 16 years ago
  61. cbde3f0 changed entity standardization to require at least two characters after an ampersand before forcing a semi-colon by Derek Jones · 16 years ago
  62. dd7f4a9 re-included URL encoded characters within _remove_invisible_characters() which were mistakenly pulled out in a previous commit, not released by Derek Jones · 17 years ago
  63. 68d7bd6 changed link and image regex to be more precise in matching tags, reducing false positive matches by Derek Jones · 17 years ago
  64. e8e18fe Changed regex for onfoo event handlers to prevent unwanted matching of text such as locatiON, cONtent, etc. by Derek Jones · 17 years ago
  65. 067e5dd whitespace by Derek Jones · 17 years ago
  66. 40f38f1 simplified regex for _remove_invisible_characters() - since we rawurldecode() the string, there's no need to go looking for url encoded characters here by Derek Jones · 17 years ago
  67. d6c6998 fixed accidental removal of $converted_string in xss_clean() for image comparison by Derek Jones · 17 years ago
  68. fc18b00 added a bit of leeway for images to avoid the more common false-positives that using xss_clean() on image files might trigger by Derek Jones · 17 years ago
  69. 7aae905 Further improvements to xss_clean() by Derek Jones · 17 years ago
  70. d3ee041 Added get_post() to the Input class. Documented get() in the Input class. by Derek Allard · 17 years ago
  71. 7a3b96e picky picky Jones adjusts some syntax by Derek Jones · 17 years ago
  72. c1acb41 a few tweaks for speed by Derek Allard · 17 years ago
  73. 144cb5b simplified and refactored input filtering and retrieval by Derek Jones · 17 years ago
  74. c04f0fc emendation to on* event handler removal by Derek Jones · 17 years ago
  75. 92bb3e6 decided just to kill all on*= event handlers, rather than trying to keep up with (and require users to do the same) with a blacklist. by Derek Jones · 17 years ago
  76. 9f23e7c moved word compacting to a callback for clarity, added a few js event handlers for removal by Derek Jones · 17 years ago
  77. 908ecc6 more complete protection against malformed link tags to protect against hex entities and href=data:url exploits by Derek Jones · 17 years ago
  78. bd08d84 improved security in xss_clean(), added <audio> and <video> tags to naughty HTML tags, and the HTML5 event handlers onerror and onended by Derek Jones · 17 years ago
  79. 245038d addition xss protection against certain data urls, stripping of anything sent with utf-7 encoding by Derek Jones · 17 years ago
  80. 63fc5fe added ability to use xss_clean() to test images, and improved security for vectors particular to the Opera family of browsers by Derek Jones · 17 years ago
  81. 000ab69 Hey you! Yeah, you, that other set of hardcoded arrays in xss_clean(). You're coming with me, pal! by Derek Jones · 17 years ago
  82. e3332b0 increased security and performance of xss_clean(), added _sanitize_naughty_html() callback and removed "never allowed" items to a class property by Derek Jones · 17 years ago
  83. 0b59f27 Some sweeping syntax changes for consistency: by Derek Jones · 17 years ago
  84. 751506e fixed a misspelling in the Input library of CDATA by Derek Allard · 17 years ago
  85. 15dcf49 removed an ereg from config by Derek Allard · 17 years ago
  86. 53437de Added protection in xss_clean() for GET variables in URLs by Derek Jones · 17 years ago
  87. a3ffbbb Removed closing PHP tags, replaced with a comment block identifying the end of the file by Derek Jones · 17 years ago
  88. c7deac9 Undoing change committed in r1115 by Derek Jones · 17 years ago
  89. 5583e1a removed closing PHP tag from all framework files by Derek Jones · 17 years ago
  90. 7327499 Added get_dir_file_info(), get_file_info(), and get_mime_by_extension() to the File Helper. by Derek Allard · 17 years ago
  91. 0ea06fd * Fixed a bug (#3396) where certain POST variables would cause a PHP warning. by Derek Jones · 17 years ago
  92. ab32a42 changed URL decoding implementation of xss_clean() to use rawurldecode() to discontinue misconversion of characters to bad entities, and to continue avoidance of unwanted removal of + signs by Derek Jones · 17 years ago
  93. d85a11e added CI's global variables to the protected array in_sanitize_globals() by Derek Jones · 17 years ago
  94. 7a9193a replaced www.codeigniter.com with codeigniter.com by Derek Jones · 17 years ago
  95. 3d879d5 ExpressionEngine Dev Team in credit by Derek Allard · 17 years ago
  96. 6838f00 Fixed a typo in the docblock comments that had CodeIgniter spelled CodeIgnitor. by Derek Allard · 17 years ago
  97. 6159d1d Switched from CI super object to $CFG to fetch charset by Derek Jones · 18 years ago
  98. 303c9cb added attribute and html entity decode callbacks to xss_clean() by Derek Jones · 18 years ago
  99. 48bb32a further xss_clean() enhancements by Derek Jones · 18 years ago
  100. 01f0888 by paulburdick · 18 years ago