Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Feature Requests IDEA: Controller Extended by Default
IDEA: Controller Extended by Default
  • Offline MGatner
    @xxxx[{::::::::::::::::::::::::::::::::>
  • *******
  • Posts: 619
    Threads: 59
    Joined: Dec 2016
    Reputation: 45
#11
03-20-2019, 11:10 AM

@kilishan FYI while I was working on this I noticed that a number of methods in system/Controller.php are public (initController, forceHTTPS, cachePage, validate). I'm not sure if they need to be for internal purposes, but this makes them routable endpoints on any controller. E.g. https://example.com/home/cachePage/1, or https://example.com/home/initController. This should definitely be addressed as it is borderline a security issue - let me know if you want help with that.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB