diff options
| author | ctrlaltca@gmail.com <> | 2012-02-09 16:42:49 +0000 |
|---|---|---|
| committer | ctrlaltca@gmail.com <> | 2012-02-09 16:42:49 +0000 |
| commit | e963d62c3f65d861db977efc2489ccf4b631beb5 (patch) | |
| tree | 3981692ca746e11402146870fe7b6dbebc868ee1 /UPGRADE | |
| parent | 4a8bd53f85b2dc0bcddd415873ce4ab49e1e099c (diff) | |
patch for #382
Diffstat (limited to 'UPGRADE')
| -rw-r--r-- | UPGRADE | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -42,6 +42,11 @@ Upgrading from v3.1.x - All the THttpRequest's methods used to gather server informations have been paired to return null if no information is available. Previously some of them returned an empty string (getQueryString and getHttpProtocolVersion), some other returned null, others caused a php NOTICE. +- Some TJavaScript methods have been modified to clear their use and provide better xss protection: + the undocumented quoteUTF8() was removed, since it didn't provide any real protection; + quoteString() now safely adds quotes around a string: previously it only added escape characters; + the json* family of methods actually checks for errors and generate exceptions on fail (requires + at least php 5.3.3). Upgrading from v3.1.10 ---------------------- |