over-sanitizing ("% 10" disappears from $_POST) |
[eluser]Unknown[/eluser]
I sent string "% 10" via POST form, but it disappears from $_POST so I couldn't send string like "number % 10". <b>Edited: 「% 10」string disappears from this post, so I added a space after "%" </b> I added an attribute to remove_invisible_characters function call in /system/core/Input.php:528 and fixed this problem. Code: // Trunk Code: // Fixed Is it over-sanitizing or not? FYC, I attached definition of function remove_invisible_characters in /system/core/Common.php. Code: function remove_invisible_characters($str, $url_encoded = TRUE)
[eluser]Unknown[/eluser]
Sorry, I found that Pull-Request about this problem has already posted to github. https://github.com/EllisLab/CodeIgniter/pull/1229 |
Welcome Guest, Not a member yet? Register Sign In |