Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / b5a021994c368c77076b50ef4b9886baa886b654 / system / core / Security.php
  1. 4495cc7 Rename bad chars property to filename_bad_chars, remove the setter and add changelog entry by Hunter Wu · 11 years ago
  2. a8d6d3b Make the bad filename array public in Security library by Hunter Wu · 11 years ago
  3. 8df3352 Revert "Add windows filename rule as an option for upload files" by Hunter Wu · 11 years ago
  4. 23719ab Add windows filename rule as an option for upload files by Hunter Wu · 11 years ago
  5. 0612756 Some cleanup related to mt_rand() by vlakoff · 12 years ago
  6. 7e55977 Replace CI_Upload::clean_file_name() usage with CI_Security::sanitize_filename() by Andrey Andreev · 12 years ago
  7. 80500af [ci skip] Happy new year by Andrey Andreev · 12 years ago
  8. 72ed4c3 [ci skip] Some micro-optimizations and style changes by Andrey Andreev · 12 years ago
  9. 638a9d2 Replaced spaces with tabs for indentation and || with OR by brian978 · 12 years ago
  10. 0fb1018 Merge remote-tracking branch 'upstream/develop' into develop by brian978 · 12 years ago
  11. 4296a65 update for Issue #2064 (changed docblocks which return $this or only call a method that returns $this to @return CI_DB_class_name) by Andrew Podner · 12 years ago
  12. 07ccbe5 Modified regexp to match partial tags by brian978 · 12 years ago
  13. 6caeaad Removed boundary from regexp by brian978 · 12 years ago
  14. 0a83fcc Fixed bug with regexp that matched tags by brian978 · 12 years ago
  15. f50fc73 All the HEX code must be replaced or else some XSS attacks can be successful by brian978 · 12 years ago
  16. 160c7d1 Added small improvement to the _remove_evil_attributes function by brian978 · 12 years ago
  17. 838a9d6 [ci skip] Cleaned some spaces by Andrey Andreev · 12 years ago
  18. c5536aa Manually apply PR #1594 (fixing phpdoc page-level generation/warnings) by Andrey Andreev · 12 years ago
  19. 6435410 [ci skip] DocBlock improvements for Security library by Andrey Andreev · 12 years ago
  20. f795ab5 [ci skip] Document get_csrf_token_name(), get_csrf_hash() (issue #715) by Andrey Andreev · 12 years ago
  21. 3fb0267 Add is_https() as a common function by Andrey Andreev · 12 years ago
  22. a81f60c Clean up regexes in Security->xss_clean() by vlakoff · 13 years ago
  23. 1a24a9d Fix issue #427 by Andrey Andreev · 13 years ago
  24. 0d2c06e Change file permissions for system/core/*.php and system/database/DB.php so that they don't differ from the rest by Andrey Andreev · 13 years ago
  25. 9ba661b Revert/optimize some changes from ed944a3c70a0bad158cd5a6ca5ce1f2e717aff5d by Andrey Andreev · 13 years ago
  26. ed944a3 Replaced `==` with `===` and `!=` with `!==` in /system/core by Alex Bilbie · 13 years ago
  27. 6c7526c Continuation for Security and Table code-coverage, add coverage report to travis by Taufan Aditya · 13 years ago
  28. 76c5185 Merge branch 'develop' of github.com:EllisLab/CodeIgniter into develop by Phil Sturgeon · 13 years ago
  29. 714252b Fixed conflicts from merging in 2.1.1. by Phil Sturgeon · 13 years ago
  30. 92ebfb6 Cleanup the core classes by Andrey Andreev · 13 years ago
  31. e2c374f Check cookie against md5 regex. by Alexander Hofstede · 13 years ago
  32. d348135 Merge branch 'develop' of github.com:EllisLab/CodeIgniter into develop by Wes Baker · 13 years ago
  33. 5335bc3 Updating XSS cleaning to better handle base64 encoded attributes. by Wes Baker · 13 years ago
  34. 48a7fbb Use tabs to separate class properties by Timothy Warren · 13 years ago
  35. 40403d2 Additional formatting fixes by Timothy Warren · 13 years ago
  36. ad47505 Normalize comments in core files by Timothy Warren · 13 years ago
  37. 4ad0fd8 add support for httponly cookies by freewil · 13 years ago
  38. 8e2ca4e Merge branch 'develop' of github.com:EllisLab/CodeIgniter into develop by Phil Sturgeon · 13 years ago
  39. 07c1ac8 Bumped CodeIgniter's PHP requirement to 5.2.4. by Phil Sturgeon · 13 years ago
  40. 5d27c43 Fix issue #940 by Andrey Andreev · 13 years ago
  41. a10c8e1 Add strtolower to the HTTPS check by Andrey Andreev · 13 years ago
  42. 67ccdc0 Do not create a CSRF cookie if CSRF protection is not enabled by Andrey Andreev · 13 years ago
  43. 4562f2c Some more stuff ... by Andrey Andreev · 13 years ago
  44. 8a7d078 Remove some tabs by Andrey Andreev · 13 years ago
  45. bf70d62 Merge remote-tracking branch 'upstream/develop' into develop-core-security by Andrey Andreev · 13 years ago
  46. 352d60e Merge pull request #850 from RS71/develop by Phil Sturgeon · 13 years ago
  47. bb488dc Improve the core Security library by Andrey Andreev · 13 years ago
  48. 0defe5d Updating copyright date to 2012 by Greg Aker · 13 years ago
  49. 2be25a6 Update system/core/Security.php by RS71 · 13 years ago
  50. 03abee3 Fixing soft tabs in a few files. by Greg Aker · 13 years ago
  51. c00a5a0 Merge master (2.1.0) and fixed conflicts. by Phil Sturgeon · 13 years ago
  52. c38e3b6 Tweaking the xss filter for IE <comment> tags, parameter injection, and weird html5 attributes. by Pascal Kriete · 13 years ago
  53. f4a4bd8 adding new license file (OSL 3.0) and updating readme to ReST by Derek Jones · 13 years ago
  54. 064da7b Fix location file Security Class to core folder by purwandi · 13 years ago
  55. 3d113bd Clean up core Security class by Andrey Andreev · 13 years ago
  56. d93e6f3 Fix #484 - Hash is never set to the cookie by Chris Berthe · 13 years ago
  57. e378a39 fixed issue #192 by Rommel Castro A · 13 years ago
  58. 5c9b0d1 always use charset config item by freewil · 13 years ago
  59. 8cc0cfe always use charset config item by freewil · 13 years ago
  60. c696253 Merge remote-tracking branch 'alexbilbie/csrf-override' into feature/csrf-verify by Eric Barnes · 13 years ago
  61. aeb2c3e Added new config parameter "csrf_exclude_uris" which allows for URIs to be whitelisted from CSRF verification. Fixes #149 by Alex Bilbie · 13 years ago
  62. 07b5342 Added some docs to CI core files by David Behler · 13 years ago
  63. 37f4b9c backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance by Derek Jones · 14 years ago
  64. 4b9c629 backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance by Derek Jones · 14 years ago
  65. 114ab09 Fixed double-space typo. by Razican · 14 years ago
  66. b3e614d Change in core/Security.php to match coding standards. by Greg Aker · 14 years ago
  67. 9e26798 Fix: codeigniter-reactor/199 cookie name was overwritten with token name by patwork · 14 years ago
  68. ef1a55a Fix: codeigniter-reactor/199 CSRF config in Security class is no longer ignored by patwork · 14 years ago
  69. 14a0ac6 Moving security to core. by Pascal Kriete · 14 years ago[Renamed from system/libraries/Security.php]
  70. c9c045a Improving parameter security in xss clean by Pascal Kriete · 14 years ago
  71. 33ed0f3 Merged CodeIgniter Core changes and integrated rob1's secure cookie change into my secure cookie change. by Phil Sturgeon · 14 years ago
  72. 14287f3 Whitespace cleanup in libraries/ by Pascal Kriete · 14 years ago
  73. 154da11 Doy- forget the session cookie function! Added secure cookie config check there too. by Robin Sowell · 14 years ago
  74. 3bb336c Automated merge with https://bitbucket.org/ellislab/codeigniter by Phil Sturgeon · 14 years ago
  75. 9805ecc Added access scope to security library and added config options for csrf protection by Eric Barnes · 14 years ago
  76. 0711dc8 Hey look, it's 2011 by Greg Aker · 14 years ago
  77. a926328 Changing all class constructors to __construct() by Greg Aker · 14 years ago
  78. 741de1c Updating PHP requirements in files 5.1.6 by Greg Aker · 14 years ago
  79. aa7d3f9 Automated merge with https://bitbucket.org/barrymieny/codeigniter by Derek Jones · 14 years ago
  80. 2ef3759 modified the security helper to assist in preventing directory traversal when using sanitize_filename() for user input by Derek Jones · 14 years ago
  81. dd67197 Cleanup of stray spaces and tabs by Barry Mieny · 14 years ago
  82. 95b183ad fixed spelling error in Security class property for the CSRF cookie by Derek Jones · 14 years ago
  83. b3f10a2 separated the CSRF cookie name from the token, forced new token on successful POST by Derek Jones · 14 years ago
  84. 958543a Adding CSRF into config Adding CSRF token into form open() by Derek Allard · 15 years ago
  85. 757dda6 Fixing a bug where odbc/mssql/oci8 db drivers would encounter a PHP error due to a function being moved from the input to security class. by Greg Aker · 15 years ago
  86. a091147 moved entity_decode() to the Security library to handle an issue with HTML in input when the global XSS filter is enabled by Derek Jones · 15 years ago
  87. e701d76 added Security library by Derek Jones · 15 years ago