+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=22)
+--- Thread: XSS filtering and passwords (/showthread.php?tid=60522)
XSS filtering and passwords - El Forum - 04-15-2014
[eluser]nl_vinyl[/eluser]
In all my applications I use global XSS filtering. However the passwords are apparently filtered as well and special characters are giving problems.
If I test this with a password like: Hello2014&, a user is never able to login. The "&" character is the problem.
Is there a way to correct this issue? If possible without turning of global filtering?
XSS filtering and passwords - El Forum - 04-15-2014
[eluser]InsiteFX[/eluser]
Why not just use the input class xss_clean?
XSS filtering and passwords - El Forum - 04-15-2014
[eluser]nl_vinyl[/eluser]
Since forgetting it once will haunt you till eternity and I it will require me going through the whole application.
I did some more digging and found a fix for it:
https://github.com/EllisLab/CodeIgniter/commit/80a16b1cd0d4716b5ea41497685a8fac02e34333