Codeigniter versie 3.1.9 uitgebracht

Uitgebracht op 12-06-2018

Security

• Updated URL Helper function auto_link() to add rel="noopener" to generated links in order to prevent tab hijacking.
• Fixed a possible session fixation vulnerability where the Session Library enabled session.use_strict_mode but it didn’t actually do anything.

General Changes

• Updated Query Builder method limit() to allow 0 values.
• Updated Email Library and Form Validation Library to discard the results of failed idn_to_ascii() calls while validating e-mail addresses.

Bug fixes for 3.1.9

• Query Builder methods like(), or_like() (and siblings) didn’t apply dbprefix or identifier escaping.
• Query Builder methods like(), or_like() (and siblings) produced incorrect SQL syntax when used with 'before' as the third parameter.
• HTML Helper functions img(), link_tag() would output results with double slashes if a prefix slash was included in their path inputs.

Alle artikelen bij: Codeigniter