xss_clean stripping '/' from self-closing tags - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: xss_clean stripping '/' from self-closing tags (/showthread.php?tid=11113)

xss_clean stripping '/' from self-closing tags - El Forum - 08-26-2008 [eluser]JJenZz[/eluser] This might not be a bug... I have set global_xss_filtering to true in my config.php and have noticed that it removes the forward slash at the end of self closing tags. Has anyone any idea what I modify to stop then from being stripped? xss_clean stripping '/' from self-closing tags - El Forum - 08-26-2008 [eluser]Derek Allard[/eluser] could you give an example of how to re-create? Just submit "<something />"? xss_clean stripping '/' from self-closing tags - El Forum - 08-26-2008 [eluser]JJenZz[/eluser] Yes, I am trying to add &lt;img src="whatever" height="100" width="100" alt="something" /&gt; and the forward slash is being removed. EDIT: I just noticed it is happening in these forum posts too.... If you add an image tag without converting the &lt; and &gt; to html entities and then try to edit your post, you will see the forward slash no longer exists in the edit. xss_clean stripping '/' from self-closing tags - El Forum - 08-26-2008 [eluser]Derek Allard[/eluser] Oh, its for images. Yes, I know what this is. Its from the input library around 686. I'll need to look into this in more detail. Is this "mission critical" for you? I may be able to help you with a workaround if so. xss_clean stripping '/' from self-closing tags - El Forum - 08-27-2008 [eluser]JJenZz[/eluser] It's not mission critical... I've only got a silly little blog that I'm playing with and it was making my XHTML invalid. In the meantime I've just changed the values in the DB hah! Please keep me posted though I'll have a poke around line 686 later today and see if I can resolve it temporarily. xss_clean stripping '/' from self-closing tags - El Forum - 08-27-2008 [eluser]Derek Jones[/eluser] Fixed in the SVN, you can grab the new file from the repository, JJenZz. Thanks for reporting!