Disallowed Key Characters. |
[eluser]gox[/eluser]
Heh, you said that i should recreate application running on same domain, which working absolutely properly, to jump over CI BUG! This is most stupid think i ever read. There is more and more other ways to keep high security level, i understand POST and GET vars, disaloved chars there is hacking attempt for sure, but cookie!? here you have situation when it isn't hack attempt... You should rebilid CI security system in cookie chars handling, for example: unset cookie which disallowed chars and maybe print out tigger warrning... For me now there is only one solution: Code: function _clean_input_keys($str) This is it, i wouldn't waste my time any more to explain you how stupid your way of thinking is... EOT
[eluser]Pascal Kriete[/eluser]
What you have done there has got to be the most foolish thing I've seen in a while. If you really feel the need to neuter the cookie protection, don't blow the other ones up as well. Code: // I'm feeling (very) lucky This might be of interest to you.
|
Welcome Guest, Not a member yet? Register Sign In |