| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-03-02 | #2031 - Add class_exists() before method_exists() if class existence is unknown. | shadlaws | |
| - fixed all instances of this in core code - deleted previous Zend Guard Loader workaround in MY_Kohana.php - updated Bootstrap.php to reflect deleted MY_Kohana.php | |||
| 2013-01-21 | Update copyright to 2013. Fixes #1953. | Bharat Mediratta | |
| 2012-05-16 | Revert "Convert any UTF-7 to UTF-8 so that fragment pages (like AJAX replies)" | Bharat Mediratta | |
| This will break many legal UTF-8 strings. This reverts commit 1c5c2e7de42f9e59932c81fb26c8416b2fef3fda. | |||
| 2012-05-16 | Convert any UTF-7 to UTF-8 so that fragment pages (like AJAX replies) | Bharat Mediratta | |
| won't be mistakenly interpreted as UTF-7. Fixes #1869. | |||
| 2012-02-27 | Update copyright to 2012. #1822 | Bharat Mediratta | |
| 2011-01-21 | Update copyright to 2011. | Bharat Mediratta | |
| 2010-03-03 | Update the copyright to 2010. It's only 3 months into the year :-) | Bharat Mediratta | |
| 2009-11-25 | Preliminary work to cut over to Kohana 2.4 | Bharat Mediratta | |
| - Kohana::log() -> Kohana_Log::add() - Kohana::config_XXX -> Kohana_Config::instance()->XXX - Implement View::set_global in MY_View - Updated Cache_Database_Driver to latest APIs - ORM::$loaded -> ORM::loaded() - Updated item::viewable() to use K2.4 parenthesization | |||
| 2009-09-04 | Simplifying SafeString a bit: From a XSS HTML security point of view, treat ↵ | Andy Staudacher | |
| clean() and purify() the same. No longer run a safe HTML string through the HTML purifier (since it's already marked as safe). This also addresses the issue of calling purify() when no purifier is installed. In that case, we'd run clean() on a clean string (double HTML encoding). If this approach doesn't work out, we can still modify the fallback code of purify() to check if the string is already clean before calling clean() instead of purify(). | |||
| 2009-09-03 | Refactor interaction with the purifier module so that the API is | Bharat Mediratta | |
| cleaner and we don't need to know about the module innards. Move the config file over there too. | |||
| 2009-09-03 | Minor performance improvement: Reduce module var cache lookups in SafeString. | Andy Staudacher | |
| 2009-09-03 | Ensure that purify isn't applied twice for an already purified SafeString | Andy Staudacher | |
| 2009-09-02 | Remove debugging statementes | Tim Almdal | |
| 2009-09-02 | Move HTMLPurifier from core to contrib and make it optional. Delete the ↵ | Tim Almdal | |
| modules/gallery/lib and HTMLPurifier.php | |||
| 2009-08-30 | Tabs to spaces cleanup | Andy Staudacher | |
| 2009-08-30 | Rename clean_js to js_string and have it return a complete JS string (with ↵ | Andy Staudacher | |
| delimiters) instead of just the string contents. Benefits: Using json_encode(), which is very robust. And as a user, it's clearer how to use this API compared to what it was before. | |||
| 2009-08-29 | Bugfix: Don't forget to copy the _is_purified_html flag when cloning a ↵ | Andy Staudacher | |
| SafeString. | |||
| 2009-08-29 | Add more factory methods for convenience: | Andy Staudacher | |
| SafeString::purify() and SafeString::of_safe_html(). Removing SafeString::mark_html_safe() since it's no longer needed. | |||
| 2009-08-29 | Adding SafeString::for_html_attr() | Andy Staudacher | |
| 2009-08-29 | Adding SafeString which is going to replace p::clean() and p::purify(). | Andy Staudacher | |
| Refactoring of Xss_Security_Test. t() and t2() return a SafeString instance. TODO: - Update all code to use SafeString where appropriate. - Update golden fole of Xss_Security_Test - Stop reporting CLEAN vars in Xss_Security_Test | |||
 |
index : gallery3.git | |
| A clone of the Gallery3 code for testing and development. | root |
| summaryrefslogtreecommitdiff |