diff --git a/admin/copyright.php b/admin/copyright.php
index a952ed6d..15773516 100644
--- a/admin/copyright.php
+++ b/admin/copyright.php
@@ -1,13 +1,13 @@
 <?php if(!defined('__TYPECHO_ADMIN__')) exit; ?>
 <div class="typecho-foot" role="contentinfo">
     <div class="copyright">
-        <a href="http://typecho.org" class="i-logo-s">Typecho</a>
-        <p><?php _e('由 <a href="http://typecho.org">%s</a> 强力驱动, 版本 %s', $options->software, $options->version); ?></p>
+        <a href="https://typecho.org" class="i-logo-s">Typecho</a>
+        <p><?php _e('由 <a href="https://typecho.org">%s</a> 强力驱动, 版本 %s', $options->software, $options->version); ?></p>
     </div>
     <nav class="resource">
-        <a href="http://docs.typecho.org"><?php _e('帮助文档'); ?></a> &bull;
-        <a href="http://forum.typecho.org"><?php _e('支持论坛'); ?></a> &bull;
+        <a href="https://docs.typecho.org"><?php _e('帮助文档'); ?></a> &bull;
+        <a href="https://forum.typecho.org"><?php _e('支持论坛'); ?></a> &bull;
         <a href="https://github.com/typecho/typecho/issues"><?php _e('报告错误'); ?></a> &bull;
-        <a href="http://typecho.org/download"><?php _e('资源下载'); ?></a>
+        <a href="https://typecho.org/download"><?php _e('资源下载'); ?></a>
     </nav>
 </div>
diff --git a/admin/custom-fields.php b/admin/custom-fields.php
index 98159ef7..39e52ae8 100644
--- a/admin/custom-fields.php
+++ b/admin/custom-fields.php
@@ -77,6 +77,6 @@ $defaultFields = isset($post) ? $post->getDefaultFieldItems() : $page->getDefaul
     </table>
     <div class="description clearfix">
         <button type="button" class="btn btn-xs operate-add"><?php _e('+添加字段'); ?></button>
-        <?php _e('自定义字段可以扩展你的模板功能, 使用方法参见 <a href="http://docs.typecho.org/help/custom-fields">帮助文档</a>'); ?>
+        <?php _e('自定义字段可以扩展你的模板功能, 使用方法参见 <a href="https://docs.typecho.org/help/custom-fields">帮助文档</a>'); ?>
     </div>
 </section>
diff --git a/admin/login.php b/admin/login.php
index e51d5789..e6ad36c7 100644
--- a/admin/login.php
+++ b/admin/login.php
@@ -13,7 +13,7 @@ include 'header.php';
 ?>
 <div class="typecho-login-wrap">
     <div class="typecho-login">
-        <h1><a href="http://typecho.org" class="i-logo">Typecho</a></h1>
+        <h1><a href="https://typecho.org" class="i-logo">Typecho</a></h1>
         <form action="<?php $options->loginAction(); ?>" method="post" name="login" role="form">
             <p>
                 <label for="name" class="sr-only"><?php _e('用户名'); ?></label>
@@ -25,7 +25,7 @@ include 'header.php';
             </p>
             <p class="submit">
                 <button type="submit" class="btn btn-l w-100 primary"><?php _e('登录'); ?></button>
-                <input type="hidden" name="referer" value="<?php echo htmlspecialchars($request->get('referer') ?? ''); ?>" />
+                <input type="hidden" name="referer" value="<?php echo $request->filter('html')->get('referer'); ?>" />
             </p>
             <p>
                 <label for="remember">
diff --git a/admin/manage-comments.php b/admin/manage-comments.php
index 6db11059..c85e8a3c 100644
--- a/admin/manage-comments.php
+++ b/admin/manage-comments.php
@@ -21,9 +21,9 @@ $isAllComments = ('on' == $request->get('__typecho_all_comments') || 'on' == \Ty
                     </ul>
                     <ul class="typecho-option-tabs">
                         <li<?php if(!isset($request->status) || 'approved' == $request->get('status')): ?> class="current"<?php endif; ?>><a href="<?php $options->adminUrl('manage-comments.php'
-                        . (isset($request->cid) ? '?cid=' . $request->cid : '')); ?>"><?php _e('已通过'); ?></a></li>
+                        . (isset($request->cid) ? '?cid=' . $request->filter('encode')->cid : '')); ?>"><?php _e('已通过'); ?></a></li>
                         <li<?php if('waiting' == $request->get('status')): ?> class="current"<?php endif; ?>><a href="<?php $options->adminUrl('manage-comments.php?status=waiting'
-                        . (isset($request->cid) ? '&cid=' . $request->cid : '')); ?>"><?php _e('待审核'); ?>
+                        . (isset($request->cid) ? '&cid=' . $request->filter('encode')->cid : '')); ?>"><?php _e('待审核'); ?>
                         <?php if(!$isAllComments && $stat->myWaitingCommentsNum > 0 && !isset($request->cid)): ?> 
                             <span class="balloon"><?php $stat->myWaitingCommentsNum(); ?></span>
                         <?php elseif($isAllComments && $stat->waitingCommentsNum > 0 && !isset($request->cid)): ?>
@@ -33,7 +33,7 @@ $isAllComments = ('on' == $request->get('__typecho_all_comments') || 'on' == \Ty
                         <?php endif; ?>
                         </a></li>
                         <li<?php if('spam' == $request->get('status')): ?> class="current"<?php endif; ?>><a href="<?php $options->adminUrl('manage-comments.php?status=spam'
-                        . (isset($request->cid) ? '&cid=' . $request->cid : '')); ?>"><?php _e('垃圾'); ?>
+                        . (isset($request->cid) ? '&cid=' . $request->filter('encode')->cid : '')); ?>"><?php _e('垃圾'); ?>
                         <?php if(!$isAllComments && $stat->mySpamCommentsNum > 0 && !isset($request->cid)): ?> 
                             <span class="balloon"><?php $stat->mySpamCommentsNum(); ?></span>
                         <?php elseif($isAllComments && $stat->spamCommentsNum > 0 && !isset($request->cid)): ?>
@@ -66,15 +66,15 @@ $isAllComments = ('on' == $request->get('__typecho_all_comments') || 'on' == \Ty
                             <?php if ('' != $request->keywords || '' != $request->category): ?>
                             <a href="<?php $options->adminUrl('manage-comments.php' 
                             . (isset($request->status) || isset($request->cid) ? '?' .
-                            (isset($request->status) ? 'status=' . htmlspecialchars($request->get('status')) : '') .
-                            (isset($request->cid) ? (isset($request->status) ? '&' : '') . 'cid=' . htmlspecialchars($request->get('cid')) : '') : '')); ?>"><?php _e('&laquo; 取消筛选'); ?></a>
+                            (isset($request->status) ? 'status=' . $request->filter('encode')->status : '') .
+                            (isset($request->cid) ? (isset($request->status) ? '&' : '') . 'cid=' . $request->filter('encode')->cid : '') : '')); ?>"><?php _e('&laquo; 取消筛选'); ?></a>
                             <?php endif; ?>
-                            <input type="text" class="text-s" placeholder="<?php _e('请输入关键字'); ?>" value="<?php echo htmlspecialchars($request->keywords ?? ''); ?>"<?php if ('' == $request->keywords): ?> onclick="value='';name='keywords';" <?php else: ?> name="keywords"<?php endif; ?>/>
+                            <input type="text" class="text-s" placeholder="<?php _e('请输入关键字'); ?>" value="<?php echo $request->filter('html')->keywords; ?>"<?php if ('' == $request->keywords): ?> onclick="value='';name='keywords';" <?php else: ?> name="keywords"<?php endif; ?>/>
                             <?php if(isset($request->status)): ?>
-                                <input type="hidden" value="<?php echo htmlspecialchars($request->get('status')); ?>" name="status" />
+                                <input type="hidden" value="<?php echo $request->filter('html')->status; ?>" name="status" />
                             <?php endif; ?>
                             <?php if(isset($request->cid)): ?>
-                                <input type="hidden" value="<?php echo htmlspecialchars($request->get('cid')); ?>" name="cid" />
+                                <input type="hidden" value="<?php echo $request->filter('html')->cid; ?>" name="cid" />
                             <?php endif; ?>
                             <button type="submit" class="btn btn-s"><?php _e('筛选'); ?></button>
                         </div>
@@ -183,7 +183,7 @@ $isAllComments = ('on' == $request->get('__typecho_all_comments') || 'on' == \Ty
                 </div><!-- end .typecho-table-wrap -->
 
                 <?php if(isset($request->cid)): ?>
-                <input type="hidden" value="<?php echo htmlspecialchars($request->get('cid')); ?>" name="cid" />
+                <input type="hidden" value="<?php echo $request->filter('html')->cid; ?>" name="cid" />
                 <?php endif; ?>
                 </form><!-- end .operate-form -->
 
diff --git a/admin/manage-medias.php b/admin/manage-medias.php
index 3814f1bf..ba8fc36f 100644
--- a/admin/manage-medias.php
+++ b/admin/manage-medias.php
@@ -36,7 +36,7 @@ $attachments = \Widget\Contents\Attachment\Admin::alloc();
                                 <a href="<?php $options->adminUrl('manage-medias.php'); ?>"><?php _e('&laquo; 取消筛选'); ?></a>
                             <?php endif; ?>
                             <input type="text" class="text-s" placeholder="<?php _e('请输入关键字'); ?>"
-                                   value="<?php echo htmlspecialchars($request->keywords ?? ''); ?>"<?php if ('' == $request->keywords): ?> onclick="value='';name='keywords';" <?php else: ?> name="keywords"<?php endif; ?>/>
+                                   value="<?php echo $request->filter('html')->keywords; ?>"<?php if ('' == $request->keywords): ?> onclick="value='';name='keywords';" <?php else: ?> name="keywords"<?php endif; ?>/>
                             <button type="submit" class="btn btn-s"><?php _e('筛选'); ?></button>
                         </div>
                     </form>
diff --git a/admin/manage-pages.php b/admin/manage-pages.php
index d5150765..ef6d59c3 100644
--- a/admin/manage-pages.php
+++ b/admin/manage-pages.php
@@ -39,7 +39,7 @@ $pages = \Widget\Contents\Page\Admin::alloc();
                                 <a href="<?php $options->adminUrl('manage-pages.php'); ?>"><?php _e('&laquo; 取消筛选'); ?></a>
                             <?php endif; ?>
                             <input type="text" class="text-s" placeholder="<?php _e('请输入关键字'); ?>"
-                                   value="<?php echo htmlspecialchars($request->keywords ?? ''); ?>" name="keywords"/>
+                                   value="<?php echo $request->filter('html')->keywords; ?>" name="keywords"/>
                             <button type="submit" class="btn btn-s"><?php _e('筛选'); ?></button>
                         </div>
                     </form>
diff --git a/admin/manage-posts.php b/admin/manage-posts.php
index 17bbc89a..a0b3dd58 100644
--- a/admin/manage-posts.php
+++ b/admin/manage-posts.php
@@ -26,11 +26,11 @@ $isAllPosts = ('on' == $request->get('__typecho_all_posts') || 'on' == \Typecho\
                     <ul class="typecho-option-tabs">
                         <li<?php if (!isset($request->status) || 'all' == $request->get('status')): ?> class="current"<?php endif; ?>>
                             <a href="<?php $options->adminUrl('manage-posts.php'
-                                . (isset($request->uid) ? '?uid=' . $request->uid : '')); ?>"><?php _e('可用'); ?></a>
+                                . (isset($request->uid) ? '?uid=' . $request->filter('encode')->uid : '')); ?>"><?php _e('可用'); ?></a>
                         </li>
                         <li<?php if ('waiting' == $request->get('status')): ?> class="current"<?php endif; ?>><a
                                 href="<?php $options->adminUrl('manage-posts.php?status=waiting'
-                                    . (isset($request->uid) ? '&uid=' . $request->uid : '')); ?>"><?php _e('待审核'); ?>
+                                    . (isset($request->uid) ? '&uid=' . $request->filter('encode')->uid : '')); ?>"><?php _e('待审核'); ?>
                                 <?php if (!$isAllPosts && $stat->myWaitingPostsNum > 0 && !isset($request->uid)): ?>
                                     <span class="balloon"><?php $stat->myWaitingPostsNum(); ?></span>
                                 <?php elseif ($isAllPosts && $stat->waitingPostsNum > 0 && !isset($request->uid)): ?>
@@ -41,7 +41,7 @@ $isAllPosts = ('on' == $request->get('__typecho_all_posts') || 'on' == \Typecho\
                             </a></li>
                         <li<?php if ('draft' == $request->get('status')): ?> class="current"<?php endif; ?>><a
                                 href="<?php $options->adminUrl('manage-posts.php?status=draft'
-                                    . (isset($request->uid) ? '&uid=' . $request->uid : '')); ?>"><?php _e('草稿'); ?>
+                                    . (isset($request->uid) ? '&uid=' . $request->filter('encode')->uid : '')); ?>"><?php _e('草稿'); ?>
                                 <?php if (!$isAllPosts && $stat->myDraftPostsNum > 0 && !isset($request->uid)): ?>
                                     <span class="balloon"><?php $stat->myDraftPostsNum(); ?></span>
                                 <?php elseif ($isAllPosts && $stat->draftPostsNum > 0 && !isset($request->uid)): ?>
@@ -87,11 +87,11 @@ $isAllPosts = ('on' == $request->get('__typecho_all_posts') || 'on' == \Typecho\
                             <?php if ('' != $request->keywords || '' != $request->category): ?>
                                 <a href="<?php $options->adminUrl('manage-posts.php'
                                     . (isset($request->status) || isset($request->uid) ? '?' .
-                                        (isset($request->status) ? 'status=' . htmlspecialchars($request->get('status')) : '') .
-                                        (isset($request->uid) ? '?uid=' . htmlspecialchars($request->get('uid')) : '') : '')); ?>"><?php _e('&laquo; 取消筛选'); ?></a>
+                                        (isset($request->status) ? 'status=' . $request->filter('encode')->status : '') .
+                                        (isset($request->uid) ? (isset($request->status) ? '&' : '') . 'uid=' . $request->filter('encode')->uid : '') : '')); ?>"><?php _e('&laquo; 取消筛选'); ?></a>
                             <?php endif; ?>
                             <input type="text" class="text-s" placeholder="<?php _e('请输入关键字'); ?>"
-                                   value="<?php echo htmlspecialchars($request->keywords ?? ''); ?>" name="keywords"/>
+                                   value="<?php echo $request->filter('html')->keywords; ?>" name="keywords"/>
                             <select name="category">
                                 <option value=""><?php _e('所有分类'); ?></option>
                                 <?php \Widget\Metas\Category\Rows::alloc()->to($category); ?>
@@ -102,11 +102,11 @@ $isAllPosts = ('on' == $request->get('__typecho_all_posts') || 'on' == \Typecho\
                             </select>
                             <button type="submit" class="btn btn-s"><?php _e('筛选'); ?></button>
                             <?php if (isset($request->uid)): ?>
-                                <input type="hidden" value="<?php echo htmlspecialchars($request->get('uid')); ?>"
+                                <input type="hidden" value="<?php echo $request->filter('html')->uid; ?>"
                                        name="uid"/>
                             <?php endif; ?>
                             <?php if (isset($request->status)): ?>
-                                <input type="hidden" value="<?php echo htmlspecialchars($request->get('status')); ?>"
+                                <input type="hidden" value="<?php echo $request->filter('html')->status; ?>"
                                        name="status"/>
                             <?php endif; ?>
                         </div>
@@ -179,8 +179,8 @@ $isAllPosts = ('on' == $request->get('__typecho_all_posts') || 'on' == \Typecho\
                                             <?php foreach ($categories as $key => $val): ?>
                                                 <?php echo '<a href="';
                                                 $options->adminUrl('manage-posts.php?category=' . $val['mid']
-                                                    . (isset($request->uid) ? '&uid=' . $request->uid : '')
-                                                    . (isset($request->status) ? '&status=' . $request->status : ''));
+                                                    . (isset($request->uid) ? '&uid=' . $request->filter('encode')->uid : '')
+                                                    . (isset($request->status) ? '&status=' . $request->filter('encode')->status : ''));
                                                 echo '">' . $val['name'] . '</a>' . ($key < $length - 1 ? ', ' : ''); ?>
                                             <?php endforeach; ?>
                                         </td>
diff --git a/admin/manage-users.php b/admin/manage-users.php
index 2c89818f..2720c283 100644
--- a/admin/manage-users.php
+++ b/admin/manage-users.php
@@ -31,7 +31,7 @@ $users = \Widget\Users\Admin::alloc();
                                 <a href="<?php $options->adminUrl('manage-users.php'); ?>"><?php _e('&laquo; 取消筛选'); ?></a>
                             <?php endif; ?>
                             <input type="text" class="text-s" placeholder="<?php _e('请输入关键字'); ?>"
-                                   value="<?php echo htmlspecialchars($request->keywords ?? ''); ?>" name="keywords"/>
+                                   value="<?php echo $request->filter('html')->keywords; ?>" name="keywords"/>
                             <button type="submit" class="btn btn-s"><?php _e('筛选'); ?></button>
                         </div>
                     </form>
diff --git a/admin/register.php b/admin/register.php
index 72e662ef..642b8bc5 100644
--- a/admin/register.php
+++ b/admin/register.php
@@ -15,7 +15,7 @@ include 'header.php';
 ?>
 <div class="typecho-login-wrap">
     <div class="typecho-login">
-        <h1><a href="http://typecho.org" class="i-logo">Typecho</a></h1>
+        <h1><a href="https://typecho.org" class="i-logo">Typecho</a></h1>
         <form action="<?php $options->registerAction(); ?>" method="post" name="register" role="form">
             <p>
                 <label for="name" class="sr-only"><?php _e('用户名'); ?></label>
diff --git a/admin/src/js/pagedown.js b/admin/src/js/pagedown.js
index d1e22a34..aab4f834 100644
--- a/admin/src/js/pagedown.js
+++ b/admin/src/js/pagedown.js
@@ -1700,8 +1700,8 @@ else
 
     // The default text that appears in the dialog input box when entering
     // links.
-    var imageDefaultText = "http://";
-    var linkDefaultText = "http://";
+    var imageDefaultText = "https://";
+    var linkDefaultText = "https://";
 
     // -------------------------------------------------------------------
     //  END OF YOUR CHANGES
diff --git a/install.php b/install.php
index c6282948..f4cc9971 100644
--- a/install.php
+++ b/install.php
@@ -705,7 +705,7 @@ function install_step_1()
                     </p>
                     <h3><?php _e('许可及协议'); ?></h3>
                     <ul>
-                        <li><?php _e('Typecho 基于 <a href="http://www.gnu.org/copyleft/gpl.html">GPL</a> 协议发布, 我们允许用户在 GPL 协议许可的范围内使用, 拷贝, 修改和分发此程序.'); ?>
+                        <li><?php _e('Typecho 基于 <a href="https://www.gnu.org/copyleft/gpl.html">GPL</a> 协议发布, 我们允许用户在 GPL 协议许可的范围内使用, 拷贝, 修改和分发此程序.'); ?>
                             <?php _e('在GPL许可的范围内, 您可以自由地将其用于商业以及非商业用途.'); ?></li>
                         <li><?php _e('Typecho 软件由其社区提供支持, 核心开发团队负责维护程序日常开发工作以及新特性的制定.'); ?>
                             <?php _e('如果您遇到使用上的问题, 程序中的 BUG, 以及期许的新功能, 欢迎您在社区中交流或者直接向我们贡献代码.'); ?>
@@ -924,7 +924,9 @@ function install_step_2_perform()
             'dbPassword' => null,
             'dbCharset' => 'utf8mb4',
             'dbDatabase' => null,
-            'dbEngine' => 'InnoDB'
+            'dbEngine' => 'InnoDB',
+            'dbSslCa' => null,
+            'dbSslVerify' => 'on',
         ],
         'Pgsql' => [
             'dbHost' => 'localhost',
@@ -952,7 +954,9 @@ function install_step_2_perform()
             'dbEngine' => $request->getServer('TYPECHO_DB_ENGINE'),
             'dbPrefix' => $request->getServer('TYPECHO_DB_PREFIX', 'typecho_'),
             'dbAdapter' => $request->getServer('TYPECHO_DB_ADAPTER', install_get_current_db_driver()),
-            'dbNext' => $request->getServer('TYPECHO_DB_NEXT', 'none')
+            'dbNext' => $request->getServer('TYPECHO_DB_NEXT', 'none'),
+            'dbSslCa' => $request->getServer('TYPECHO_DB_SSL_CA'),
+            'dbSslVerify' => $request->getServer('TYPECHO_DB_SSL_VERIFY', 'on'),
         ];
     } else {
         $config = $request->from([
@@ -967,7 +971,9 @@ function install_step_2_perform()
             'dbEngine',
             'dbPrefix',
             'dbAdapter',
-            'dbNext'
+            'dbNext',
+            'dbSslCa',
+            'dbSslVerify',
         ]);
     }
 
@@ -1005,6 +1011,8 @@ function install_step_2_perform()
                 ->addRule('dbDatabase', 'required', _t('确认您的配置'))
                 ->addRule('dbEngine', 'required', _t('确认您的配置'))
                 ->addRule('dbEngine', 'enum', _t('确认您的配置'), ['InnoDB', 'MyISAM'])
+                ->addRule('dbSslCa', 'file_exists', _t('确认您的配置'))
+                ->addRule('dbSslVerify', 'enum', _t('确认您的配置'), ['on', 'off'])
                 ->run($config);
             break;
         case 'Pgsql':
@@ -1041,7 +1049,7 @@ function install_step_2_perform()
     }
 
     foreach ($configMap[$type] as $key => $value) {
-        $dbConfig[strtolower(substr($key, 2))] = $config[$key];
+        $dbConfig[lcfirst(substr($key, 2))] = $config[$key];
     }
 
     // intval port number
@@ -1049,6 +1057,11 @@ function install_step_2_perform()
         $dbConfig['port'] = intval($dbConfig['port']);
     }
 
+    // bool ssl verify
+    if (isset($dbConfig['sslVerify'])) {
+        $dbConfig['sslVerify'] = $dbConfig['sslVerify'] == 'on';
+    }
+
     if (isset($dbConfig['file']) && preg_match("/^[a-z0-9]+\.[a-z0-9]{2,}$/i", $dbConfig['file'])) {
         $dbConfig['file'] = __DIR__ . '/usr/' . $dbConfig['file'];
     }
@@ -1064,7 +1077,7 @@ function install_step_2_perform()
             $installDb->addServer($dbConfig, \Typecho\Db::READ | \Typecho\Db::WRITE);
             $installDb->query('SELECT 1=1');
         } catch (\Typecho\Db\Adapter\ConnectionException $e) {
-            install_raise_error(_t('对不起, 无法连接数据库, 请先检查数据库配置再继续进行安装'));
+            install_raise_error(_t('对不起, 无法连接数据库, 请先检查数据库配置再继续进行安装: "%s"', $e->getMessage()));
         } catch (\Typecho\Db\Exception $e) {
             install_raise_error(_t('安装程序捕捉到以下错误: "%s". 程序被终止, 请检查您的配置信息.', $e->getMessage()));
         }
@@ -1460,7 +1473,7 @@ function install_dispatch()
 </head>
 <body>
     <div class="body container">
-        <h1><a href="http://typecho.org" target="_blank" class="i-logo">Typecho</a></h1>
+        <h1><a href="https://typecho.org" target="_blank" class="i-logo">Typecho</a></h1>
         <?php $method(); ?>
     </div>
 </body>
diff --git a/install/Mysql.php b/install/Mysql.php
index 52ba7d99..eb3e20ab 100644
--- a/install/Mysql.php
+++ b/install/Mysql.php
@@ -63,4 +63,22 @@
             </select>
         </li>
     </ul>
-</details>
\ No newline at end of file
+
+    <ul class="typecho-option">
+        <li>
+            <label class="typecho-label" for="dbSslCa"><?php _e('数据库 SSL 证书'); ?></label>
+            <input type="text" class="text" name="dbSslCa" id="dbSslCa"/>
+            <p class="description"><?php _e('如果您的数据库启用了 SSL，请填写 CA 证书路径，否则请留空'); ?></p>
+        </li>
+    </ul>
+
+    <ul class="typecho-option">
+        <li>
+            <label class="typecho-label" for="dbSslVerify"><?php _e('启用数据库 SSL 服务端证书验证'); ?></label>
+            <select name="dbSslVerify" id="dbSslVerify">
+                <option value="on"><?php _e('启用'); ?></option>
+                <option value="off"><?php _e('不启用'); ?></option>
+            </select>
+        </li>
+    </ul>
+</details>
diff --git a/usr/themes/default/footer.php b/usr/themes/default/footer.php
index 347cd197..dce3ad8f 100644
--- a/usr/themes/default/footer.php
+++ b/usr/themes/default/footer.php
@@ -6,7 +6,7 @@
 
 <footer id="footer" role="contentinfo">
     &copy; <?php echo date('Y'); ?> <a href="<?php $this->options->siteUrl(); ?>"><?php $this->options->title(); ?></a>.
-    <?php _e('由 <a href="http://www.typecho.org">Typecho</a> 强力驱动'); ?>.
+    <?php _e('由 <a href="https://typecho.org">Typecho</a> 强力驱动'); ?>.
 </footer><!-- end #footer -->
 
 <?php $this->footer(); ?>
diff --git a/usr/themes/default/sidebar.php b/usr/themes/default/sidebar.php
index f102e127..2cfa2504 100644
--- a/usr/themes/default/sidebar.php
+++ b/usr/themes/default/sidebar.php
@@ -55,7 +55,7 @@
                 <?php endif; ?>
                 <li><a href="<?php $this->options->feedUrl(); ?>"><?php _e('文章 RSS'); ?></a></li>
                 <li><a href="<?php $this->options->commentsFeedUrl(); ?>"><?php _e('评论 RSS'); ?></a></li>
-                <li><a href="http://www.typecho.org">Typecho</a></li>
+                <li><a href="https://typecho.org">Typecho</a></li>
             </ul>
         </section>
     <?php endif; ?>
diff --git a/var/Typecho/Common.php b/var/Typecho/Common.php
index 7dcddc73..02937782 100644
--- a/var/Typecho/Common.php
+++ b/var/Typecho/Common.php
@@ -168,7 +168,7 @@ namespace Typecho {
     class Common
     {
         /** 程序版本 */
-        public const VERSION = '1.2.0';
+        public const VERSION = '1.2.1';
 
         /**
          * 将路径转化为链接
diff --git a/var/Typecho/Db/Adapter/Mysqli.php b/var/Typecho/Db/Adapter/Mysqli.php
index 5f417a3c..d40a232d 100644
--- a/var/Typecho/Db/Adapter/Mysqli.php
+++ b/var/Typecho/Db/Adapter/Mysqli.php
@@ -47,19 +47,30 @@ class Mysqli implements Adapter
      */
     public function connect(Config $config): \mysqli
     {
+        $mysqli = mysqli_init();
+        if ($mysqli) {
+            if (!empty($config->sslCa)) {
+                $mysqli->ssl_set(null, null, $config->sslCa, null, null);
 
-        if (
-            $this->dbLink = @mysqli_connect(
+                if (isset($config->sslVerify)) {
+                    $mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, $config->sslVerify);
+                }
+            }
+
+            $mysqli->real_connect(
                 $config->host,
                 $config->user,
                 $config->password,
                 $config->database,
                 (empty($config->port) ? null : $config->port)
-            )
-        ) {
+            );
+
+            $this->dbLink = $mysqli;
+
             if ($config->charset) {
                 $this->dbLink->query("SET NAMES '{$config->charset}'");
             }
+
             return $this->dbLink;
         }
 
diff --git a/var/Typecho/Db/Adapter/Pdo/Mysql.php b/var/Typecho/Db/Adapter/Pdo/Mysql.php
index 29850502..3e2f4c1d 100644
--- a/var/Typecho/Db/Adapter/Pdo/Mysql.php
+++ b/var/Typecho/Db/Adapter/Pdo/Mysql.php
@@ -51,11 +51,22 @@ class Mysql extends Pdo
      */
     public function init(Config $config): \PDO
     {
+        $options = [];
+        if (!empty($config->sslCa)) {
+            $options[\PDO::MYSQL_ATTR_SSL_CA] = $config->sslCa;
+
+            if (isset($config->sslVerify)) {
+                // FIXME: https://github.com/php/php-src/issues/8577
+                $options[\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $config->sslVerify;
+            }
+        }
+
         $pdo = new \PDO(
             !empty($config->dsn)
                 ? $config->dsn : "mysql:dbname={$config->database};host={$config->host};port={$config->port}",
             $config->user,
-            $config->password
+            $config->password,
+            $options
         );
         $pdo->setAttribute(\PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, true);
 
diff --git a/var/Typecho/Widget/Request.php b/var/Typecho/Widget/Request.php
index d6d6d0c7..4c1999c6 100644
--- a/var/Typecho/Widget/Request.php
+++ b/var/Typecho/Widget/Request.php
@@ -19,6 +19,8 @@ class Request
     private const FILTERS = [
         'int'     => 'intval',
         'integer' => 'intval',
+        'encode'  => 'urlencode',
+        'html'    => 'htmlspecialchars',
         'search'  => ['\Typecho\Common', 'filterSearchQuery'],
         'xss'     => ['\Typecho\Common', 'removeXSS'],
         'url'     => ['\Typecho\Common', 'safeUrl'],
@@ -83,7 +85,7 @@ class Request
     }
 
     /**
-     * 设置过滤器
+     * Add filter to request
      *
      * @param string|callable ...$filters
      * @return $this
@@ -91,8 +93,10 @@ class Request
     public function filter(...$filters): Request
     {
         foreach ($filters as $filter) {
-            $this->filter[] = is_string($filter) && isset(self::FILTERS[$filter])
-                ? self::FILTERS[$filter] : $filter;
+            $this->filter[] = $this->wrapFilter(
+                is_string($filter) && isset(self::FILTERS[$filter])
+                ? self::FILTERS[$filter] : $filter
+            );
         }
 
         return $this;
@@ -344,4 +348,18 @@ class Request
 
         return $value;
     }
+
+    /**
+     * Wrap a filter to make sure it always receives a string.
+     *
+     * @param callable $filter
+     *
+     * @return callable
+     */
+    private function wrapFilter(callable $filter): callable
+    {
+        return function ($value) use ($filter) {
+            return call_user_func($filter, $value ?? '');
+        };
+    }
 }
diff --git a/var/Widget/Ajax.php b/var/Widget/Ajax.php
index 1b3b1d6a..ab064398 100644
--- a/var/Widget/Ajax.php
+++ b/var/Widget/Ajax.php
@@ -47,7 +47,7 @@ class Ajax extends BaseOptions implements ActionInterface
             $result = ['available' => 0];
 
             try {
-                $client->send('http://typecho.org/version.json');
+                $client->send('https://typecho.org/version.json');
 
                 /** 匹配内容体 */
                 $response = $client->getResponseBody();
@@ -65,7 +65,7 @@ class Ajax extends BaseOptions implements ActionInterface
                             'available' => 1,
                             'latest'    => $json['release'],
                             'current'   => $version,
-                            'link'      => 'http://typecho.org/download'
+                            'link'      => 'https://typecho.org/download'
                         ];
                     }
                 }
@@ -92,7 +92,7 @@ class Ajax extends BaseOptions implements ActionInterface
         if ($client) {
             $client->setHeader('User-Agent', $this->options->generator)
                 ->setTimeout(10)
-                ->send('http://typecho.org/feed/');
+                ->send('https://typecho.org/feed/');
 
             /** 匹配内容体 */
             $response = $client->getResponseBody();
diff --git a/var/Widget/Archive.php b/var/Widget/Archive.php
index 8f3fe825..4d902bc9 100644
--- a/var/Widget/Archive.php
+++ b/var/Widget/Archive.php
@@ -531,7 +531,7 @@ class Archive extends Contents
 
         /** 处理搜索结果跳转 */
         if (isset($this->request->s)) {
-            $filterKeywords = $this->request->filter('search')->s;
+            $filterKeywords = $this->request->filter('search')->get('s');
 
             /** 跳转到搜索页 */
             if (null != $filterKeywords) {
diff --git a/var/Widget/Base/Comments.php b/var/Widget/Base/Comments.php
index 2a4d0fac..f318711b 100644
--- a/var/Widget/Base/Comments.php
+++ b/var/Widget/Base/Comments.php
@@ -268,7 +268,7 @@ class Comments extends Base implements QueryInterface
         $noFollow = (null === $noFollow) ? $this->options->commentsUrlNofollow : $noFollow;
 
         if ($this->url && $autoLink) {
-            echo '<a href="' . $this->url . '"'
+            echo '<a href="' . Common::safeUrl($this->url) . '"'
                 . ($noFollow ? ' rel="external nofollow"' : null) . '>' . $this->author . '</a>';
         } else {
             echo $this->author;
diff --git a/var/Widget/Feedback.php b/var/Widget/Feedback.php
index b8de4c61..cca026df 100644
--- a/var/Widget/Feedback.php
+++ b/var/Widget/Feedback.php
@@ -206,7 +206,7 @@ class Feedback extends Comments implements ActionInterface
             /** Anti-XSS */
             $comment['author'] = $this->request->filter('trim')->author;
             $comment['mail'] = $this->request->filter('trim')->mail;
-            $comment['url'] = $this->request->filter('trim')->url;
+            $comment['url'] = $this->request->filter('trim', 'url')->url;
 
             /** 修正用户提交的url */
             if (!empty($comment['url'])) {
@@ -305,7 +305,7 @@ class Feedback extends Comments implements ActionInterface
         ];
 
         $trackback['author'] = $this->request->filter('trim')->blog_name;
-        $trackback['url'] = $this->request->filter('trim')->url;
+        $trackback['url'] = $this->request->filter('trim', 'url')->url;
         $trackback['text'] = $this->request->excerpt;
 
         //检验格式
diff --git a/var/Widget/Menu.php b/var/Widget/Menu.php
index faf0ab26..e12d6238 100644
--- a/var/Widget/Menu.php
+++ b/var/Widget/Menu.php
@@ -127,10 +127,10 @@ class Menu extends Base
         $panelTable = unserialize($this->options->panelTable);
         $extendingParentMenu = empty($panelTable['parent']) ? [] : $panelTable['parent'];
         $extendingChildMenu = empty($panelTable['child']) ? [] : $panelTable['child'];
-        $currentUrl = $this->request->makeUriByRequest();
+        $currentUrl = $this->request->getRequestUrl();
         $adminUrl = $this->options->adminUrl;
         $menu = [];
-        $defaultChildeNode = [null, null, null, 'administrator', false, null];
+        $defaultChildNode = [null, null, null, 'administrator', false, null];
 
         $currentUrlParts = parse_url($currentUrl);
         $currentUrlParams = [];
@@ -158,7 +158,7 @@ class Menu extends Base
 
             foreach ($childNodes[$key] as $inKey => $childNode) {
                 // magic merge
-                $childNode += $defaultChildeNode;
+                $childNode += $defaultChildNode;
                 [$name, $title, $url, $access] = $childNode;
 
                 $hidden = $childNode[4] ?? false;
@@ -255,7 +255,7 @@ class Menu extends Base
         }
 
         $this->menu = $menu;
-        $this->currentUrl = $currentUrl;
+        $this->currentUrl = Common::safeUrl($currentUrl);
     }
 
     /**
diff --git a/var/Widget/Options.php b/var/Widget/Options.php
index 0e5127bb..3dadc434 100644
--- a/var/Widget/Options.php
+++ b/var/Widget/Options.php
@@ -82,7 +82,7 @@ if (!defined('__TYPECHO_ROOT_DIR__')) {
  * @property bool $commentsRequireModeration
  * @property bool $commentsWhitelist
  * @property bool $commentsRequireMail
- * @property bool $commentsRequireURL
+ * @property bool $commentsRequireUrl
  * @property bool $commentsCheckReferer
  * @property bool $commentsAntiSpam
  * @property bool $commentsAutoClose
diff --git a/var/Widget/Options/Discussion.php b/var/Widget/Options/Discussion.php
index df9d84c2..d4928f52 100644
--- a/var/Widget/Options/Discussion.php
+++ b/var/Widget/Options/Discussion.php
@@ -127,7 +127,7 @@ class Discussion extends Options implements ActionInterface
             $this->options->commentDateFormat,
             _t('评论日期格式'),
             _t('这是一个默认的格式,当你在模板中调用显示评论日期方法时, 如果没有指定日期格式, 将按照此格式输出.') . '<br />'
-            . _t('具体写法请参考 <a href="http://www.php.net/manual/zh/function.date.php">PHP 日期格式写法</a>.')
+            . _t('具体写法请参考 <a href="https://www.php.net/manual/zh/function.date.php">PHP 日期格式写法</a>.')
         );
         $commentDateFormat->input->setAttribute('class', 'w-40 mono');
         $form->addInput($commentDateFormat);
@@ -147,8 +147,8 @@ class Discussion extends Options implements ActionInterface
             'commentsShowCommentOnly' => _t('仅显示评论, 不显示 Pingback 和 Trackback'),
             'commentsMarkdown'        => _t('在评论中使用 Markdown 语法'),
             'commentsShowUrl'         => _t('评论者名称显示时自动加上其个人主页链接'),
-            'commentsUrlNofollow'     => _t('对评论者个人主页链接使用 <a href="http://en.wikipedia.org/wiki/Nofollow">nofollow 属性</a>'),
-            'commentsAvatar'          => _t('启用 <a href="http://gravatar.com">Gravatar</a> 头像服务, 最高显示评级为 %s 的头像',
+            'commentsUrlNofollow'     => _t('对评论者个人主页链接使用 <a href="https://en.wikipedia.org/wiki/Nofollow">nofollow 属性</a>'),
+            'commentsAvatar'          => _t('启用 <a href="https://gravatar.com">Gravatar</a> 头像服务, 最高显示评级为 %s 的头像',
                 '</label><select id="commentsShow-commentsAvatarRating" name="commentsAvatarRating">
             <option value="G"' . ('G' == $this->options->commentsAvatarRating ? ' selected="true"' : '') . '>' . _t('G - 普通') . '</option>
             <option value="PG"' . ('PG' == $this->options->commentsAvatarRating ? ' selected="true"' : '') . '>' . _t('PG - 13岁以上') . '</option>
diff --git a/var/Widget/Options/Reading.php b/var/Widget/Options/Reading.php
index 0ad5904f..0bdd25ef 100644
--- a/var/Widget/Options/Reading.php
+++ b/var/Widget/Options/Reading.php
@@ -105,7 +105,7 @@ class Reading extends Permalink
             _t('文章日期格式'),
             _t('此格式用于指定显示在文章归档中的日期默认显示格式.') . '<br />'
             . _t('在某些主题中这个格式可能不会生效, 因为主题作者可以自定义日期格式.') . '<br />'
-            . _t('请参考 <a href="http://www.php.net/manual/zh/function.date.php">PHP 日期格式写法</a>.')
+            . _t('请参考 <a href="https://www.php.net/manual/zh/function.date.php">PHP 日期格式写法</a>.')
         );
         $postDateFormat->input->setAttribute('class', 'w-40 mono');
         $form->addInput($postDateFormat->addRule('xssCheck', _t('请不要在日期格式中使用特殊字符')));
diff --git a/var/Widget/Users/Edit.php b/var/Widget/Users/Edit.php
index c259c9b1..108cf65b 100644
--- a/var/Widget/Users/Edit.php
+++ b/var/Widget/Users/Edit.php
@@ -155,7 +155,7 @@ class Edit extends Users implements ActionInterface
             ],
             null,
             _t('用户组'),
-            _t('不同的用户组拥有不同的权限.') . '<br />' . _t('具体的权限分配表请<a href="http://docs.typecho.org/develop/acl">参考这里</a>.')
+            _t('不同的用户组拥有不同的权限.') . '<br />' . _t('具体的权限分配表请<a href="https://docs.typecho.org/develop/acl">参考这里</a>.')
         );
         $form->addInput($group);
 
diff --git a/var/Widget/Users/Profile.php b/var/Widget/Users/Profile.php
index e7b1e81a..ae7da4e4 100644
--- a/var/Widget/Users/Profile.php
+++ b/var/Widget/Users/Profile.php
@@ -53,7 +53,7 @@ class Profile extends Edit implements ActionInterface
             ['0' => _t('关闭'), '1' => _t('打开')],
             $this->options->markdown,
             _t('使用 Markdown 语法编辑和解析内容'),
-            _t('使用 <a href="http://daringfireball.net/projects/markdown/">Markdown</a> 语法能够使您的撰写过程更加简便直观.')
+            _t('使用 <a href="https://daringfireball.net/projects/markdown/">Markdown</a> 语法能够使您的撰写过程更加简便直观.')
             . '<br />' . _t('此功能开启不会影响以前没有使用 Markdown 语法编辑的内容.')
         );
         $form->addInput($markdown);
@@ -63,7 +63,7 @@ class Profile extends Edit implements ActionInterface
             ['0' => _t('关闭'), '1' => _t('打开')],
             $this->options->xmlrpcMarkdown,
             _t('在 XMLRPC 接口中使用 Markdown 语法'),
-            _t('对于完全支持 <a href="http://daringfireball.net/projects/markdown/">Markdown</a> 语法写作的离线编辑器, 打开此选项后将避免内容被转换为 HTML.')
+            _t('对于完全支持 <a href="https://daringfireball.net/projects/markdown/">Markdown</a> 语法写作的离线编辑器, 打开此选项后将避免内容被转换为 HTML.')
         );
         $form->addInput($xmlrpcMarkdown);