Fix default values and add a note

[hackoh]

This fix is about fuel/core@5d79967

I think this issue is very important.
So I PR to 1.5/develop.

[kenjis]

The change was made in 1.5.

It is a major security policy change. So it should be also documented in Changelog.

[WanWizard]

It should not be a policy change. Very bad idea. Issue in the Security class is fixed, so this can go back in.

[kenjis]

Even if you guys didn't intend it was a policy change, the default of FuelPHP 1.5 was already changed to no filters.
It was very important change. Should have been known to users.

I hope 1.5.3 with default filters the same as 1.4 or older.

[WanWizard]

I'll discuss it to see if we're going to hotfix it, or wait for 1.6.

[orcaaoshi]

It needs hotfix, I think.
I think that it would be better.
I'm afraid someone will keep using v1.5 and minor versions on his new project without knowing this information, so it will be a security problem.

Also I don't want that FuelPHP receives bad reputation!

[WanWizard]

Hotfix will go out tonight (GMT).

[orcaaoshi]

It's good news. Thanks a lot!

[kenjis]

Thank you!

[WanWizard]

with a bit of a delay, 1.5.3. hotfix has just been released.

[kenjis]

I appreciate your job. Thank you.