Input requested on Security Strategy for CI4-based app

Don't believe the protectIdentifiers() method. It does not protect in many cases.
It is not a security feature. It just protects in known cases.

So don't pass user input to it without validation with allow list.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper