How to remove html String in XSS filtering? - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5) +--- Forum: Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=11) +--- Thread: How to remove html String in XSS filtering? (/showthread.php?tid=73598) |
How to remove html String in XSS filtering? - Geetha - 05-13-2019 Hi, I need to remove Html tags when using XSS Filtering , $value = "<p>[email protected]</p>" $val = $this->security->xss_clean($value); But it's not removed Html tags, why ?? Use stripe_tags for remove Html Tags in Codelgniter. RE: How to remove html String in XSS filtering? - Mr Lister - 05-13-2019 Hello, That is not the intent of the xss_clean() method. It is more geared for Java Script. As the Codeigniter Security Class mentions, use the html_escape() function for escaping HTML. The PHP function strip_tags() will remove HTML tags, not convert them. Alternatives for converting HTML entities to special characters are the PHP functions htmlspecialchars() and htmlentities(). RE: How to remove html String in XSS filtering? - Geetha - 05-13-2019 (05-13-2019, 03:29 PM)Mr Lister Wrote: Hello, Thanq so much Lister.Thanx for your help. |