CodeIgniter Forums
global_xss_filtering - false detection - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: global_xss_filtering - false detection (/showthread.php?tid=53044)



global_xss_filtering - false detection - El Forum - 07-09-2012

[eluser]Unknown[/eluser]
I am using codeigniter 2.1.2 and TinyMCE editor to insert and edit data in my administrator page. But then I found the strangeness that made codeigniter ie remove sintax :
Code:
<p><span>strong><img src="cake.jpg" alt="" width="167" height="167" />Deskripsi</strong></span></p>
became
Code:
<p><span  14pt;"><strong><img   src="cake.jpg" alt="" width="167" height="167" />Deskripsi</strong></span></p>

Once I track down these peculiarities by comparing versions below 2.1.0 codeigniter there were errors in the Security XSS Filtering feature

XSS Filtering techniques that have codeigniter create a script on top of being a mess. Which should result in the image frame on a strange.
Probably should be improved so that users can combine codeigniter codeigniter with TinyMCE without resistance