does URI use XSS Clean automatically?
#1

[eluser]Chillahan[/eluser]
It occurred to me that since URI values get put into database queries, there is the chance for injection (although it would have to be URL encoded, so maybe there is no way for the database to interpret it). Still, I am wondering if the URI class automatically sanitizes data it provides? Does this include XSS_Clean?

Thanks, anyone who knows...
#2

[eluser]xpix[/eluser]
I know that only certain characters are allowed:

URI Security

CodeIgniter is fairly restrictive regarding which characters it allows in your URI strings in order to help minimize the possibility that malicious data can be passed to your application. URIs may only contain the following:

* Alpha-numeric text
* Tilde: ~
* Period: .
* Colon: :
* Underscore: _
* Dash: -
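
The character restriction quoted in the post above, as an added example that is not part of the original thread and is not CodeIgniter's own code. The helper names, the `articles` table and the request paths are constructed for illustration; the segment check uses exactly the character list quoted above, and the lookup binds the segment as a query parameter so the query does not rely on the URI filter alone.

```php
<?php
// Added illustration, not CodeIgniter's code. The character class mirrors the
// list quoted above: alphanumerics, tilde, period, colon, underscore, dash.
const PERMITTED_SEGMENT = '/\A[A-Za-z0-9~.:_\-]+\z/';

// Hypothetical helper: split a path into segments and reject the whole
// request if any segment contains a character outside the permitted set.
function uri_segments(string $path): array
{
    $segments = array_values(array_filter(explode('/', $path), 'strlen'));
    foreach ($segments as $segment) {
        if (preg_match(PERMITTED_SEGMENT, $segment) !== 1) {
            throw new InvalidArgumentException('disallowed characters in URI');
        }
    }
    return $segments;
}

// Hypothetical lookup: the segment is bound as a parameter, so the query text
// stays the same regardless of what the segment holds.
function find_article(PDO $db, string $slug): ?array
{
    $stmt = $db->prepare('SELECT id, title FROM articles WHERE slug = :slug');
    $stmt->execute([':slug' => $slug]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, slug TEXT, title TEXT)');
$db->exec("INSERT INTO articles (slug, title) VALUES ('uri-security', 'URI Security')");

// Constructed request paths: one clean, one with characters outside the list.
foreach (['/news/view/uri-security', "/news/view/x' OR '1'='1"] as $path) {
    try {
        $segments = uri_segments($path);
        $row = find_article($db, $segments[2]);
        echo $path, ' => ', $row['title'] ?? 'not found', PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo $path, ' => rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```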
#3

[eluser]Chillahan[/eluser]
Ah, very cool, thanks for that knowledge! I couldn't find that documentation that you cited. Very good to know!
#4

[eluser]Randy Casburn[/eluser]
@Chillahan --

Quote: I couldn’t find that documentation that you cited.

It was hidden -- under the "Security" link
#5

[eluser]Chillahan[/eluser]
Ah right - I skipped right over that first part, didn't connect it to being related to the URI class, thought it meant which characters it preferred were not used in your own URIs. It doesn't say right out that the URI class strips those symbols, for example. Thanks again!