fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 10:41:40 +09:00
Code Issues Projects Releases Packages Wiki Activity
17072 commits 3 branches 212 tags 117 MiB
Commit graph

20 commits

Author SHA1 Message Date
Kijin Sung
4ac0a6bf66 Use RX_WINDOWS constant in core and file module 2020-02-14 16:16:33 +09:00
Kijin Sung
4b6737800f Throw exception if neither openssl nor mcrypt is available 2018-12-03 15:10:20 +09:00
Kijin Sung
af64ae79c1 Rename checkXEE() to checkXXE() 2018-10-18 14:21:08 +09:00
Kijin Sung
6a7b1e3fd2 Use hash_equals() function if it exists 2018-10-18 14:18:06 +09:00
Kijin Sung
1d35511e04 Enforce CSRF tokens if option is enabled 2018-10-10 18:20:48 +09:00
Kijin Sung
0c62ff7561 Prevent exception on servers with flaky random_bytes() implementation 
카페24 PHP 7.0 웹호스팅 상품에서 random_bytes() 함수가 작동하지 않음
 2017-12-03 10:06:33 +09:00
Kijin Sung
5ae15f4b66 Remove _rx_ajax_compat and _rx_csrf_token from request vars 
JSON/XMLRPC 호환성 확보와 CSRF 공격 방지를 위해 사용되는 이 변수들이
Context::getRequestVars()에 포함되어 불필요하게 여기저기 저장되거나
URL에 포함되어 나오는 문제를 방지합니다.
 2017-07-02 21:46:50 +09:00
Kijin Sung
8c797aaba1 Pass through crypto exceptions 2017-05-07 15:29:21 +09:00
Kijin Sung
2822191271 Fix CSRF check for GET requests 2017-04-23 14:51:41 +09:00
Kijin Sung
df59e541c9 Skip diagnostic CSRF warning if the user is not logged in 2017-03-13 16:41:57 +09:00
Kijin Sung
89255d0281 Initial implementation of CSRF token enforcement in Security class 2017-03-06 15:54:56 +09:00
Kijin Sung
a1618c236f Merge branch 'develop' into pr/session-class 2016-10-05 17:26:12 +09:00
Kijin Sung
4f52122a3c Fix #593 incorrect result from checkCSRF() in GET+JSON request 2016-09-25 12:35:50 +09:00
Kijin Sung
02a45ece9a Fix missing static keyword 2016-08-16 21:55:32 +09:00
Kijin Sung
910f7220e6 Import cryptographic signature functions from XE 1.8.23 2016-08-02 16:30:33 +09:00
Kijin Sung
a0d9e1c6ad Remove outdated checks for old PHP versions 2016-03-22 11:34:36 +09:00
Kijin Sung
cb229c2d66 Clean up namespaces 2016-03-14 21:04:27 +09:00
Kijin Sung
4407af2b0f Use utf8_check to check variables in Security class 2016-03-14 20:54:27 +09:00
Kijin Sung
90dcc4a2e8 Implement encryption, decryption, and CSPRNG in Security class 2016-03-13 20:40:23 +09:00
Kijin Sung
28da8948d7 Initial implementation of Security and URL classes 2016-03-12 17:26:12 +09:00