Overly aggressive xss cleaning? - CodeIgniter Forums (https://forum.codeigniter.com) - Thread: /showthread.php?tid=37522
Overly aggressive xss cleaning? - El Forum - 01-12-2011

[eluser]Unknown[/eluser]
When, as in my case, $_POST['body'] contains an HTML image element with a valid src attribute, e.g.

Code:
<img src="http://test.es/test4.png" alt="" >

Code:
<img >

Now, it is sort of a limitation not being allowed to submit HTML code like that to a CI app.

EDIT:
CodeIgniter 1.7.3
$config['global_xss_filtering'] = TRUE;
The img src points to an external site