CodeIgniter Forums
CodeIgniter 2.2.1 XSS filter removes tab character '\t' from post variable - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Development (https://forum.codeigniter.com/forum-6.html)
+--- Forum: Issues (https://forum.codeigniter.com/forum-19.html)
+--- Thread: CodeIgniter 2.2.1 XSS filter removes tab character '\t' from post variable (/thread-1620.html)



CodeIgniter 2.2.1 XSS filter removes tab character '\t' from post variable - strike_noir - 03-26-2015

I have upgraded my CodeIgniter from 2.1.4 to 2.2.1. In version 2.2.1 I noticed the variables that are sent to controller are being filtered even if I set the XSS filter setting to false.

$config['global_xss_filtering'] = FALSE;
This filtering unfortunately removes the tab character '\t' from the variable. So if I send some string with tab, the tab will get replaced by a space.

Because I'm sending a tabular data (jqgrid) in one string and I'm differentiating each row with a tab (and differentiating each column with a pipe character) now the controller cannot recognize the rows any more (the pipe character was not removed btw)

How to disable this filtering in CodeIgniter? Or maybe to escape the tab from getting removed?