HTML Purifier, How-to create a hook for the library?

I currently run the xss_clean() function global on all my CI apps, *just* in case ... I was looking over html purifier after reading a couple articles on the issue of xss security.

I did a search on the forums and came back with this thread:

But there is nothing in the wiki.

I also did a Google search and came across a few different links that shows how to use HTML Purifier as a library in CI:

With all this information, adding HTML Purifier as a library is relatively simple; but I would like to see if it's possible to use HTML Purifier as a replacement for XSS_Clean. Unfortunately I have no idea how to create hooks for CI, anyone wanna help me out with a walk through maybe?


I'm not sure why, but until the last few minutes I had never sat down and actually read through the code in the input library ...

At this point in time I think that xss_clean() is just as secure as HTML Purifier is at the moment. I'm going to set up a test page and run through the XSS Cheat Sheet and see if anything pops. Barring that, I think running xss_clean() globally I am in pretty good shape.

I'm not sure wrote the input library, or the xss_clean() functions in particular, but I for one would just like to say i appreciate your work. Smile


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.