Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR
  • El Forum
    Unregistered
  •  
#6
05-12-2011, 05:11 AM

[eluser]predat0r[/eluser]
[quote author="xarazar" date="1305208176"]Confirmed. XSS_filtering is the culprit here. I've built 7 websites with Tinymce since CI 2.0 release and everything worked well. But the latest project was given CI 2.0.2 and when concocted with Tinymce it filters out image alignment.
I'm not sure I feel comfortable with XSS filtering disabled. Perhaps we could add an exception somewhere? Interestingly properties like "width" are not filtered out. It seems that "style" definition gets removed.[/quote]

Yes only style property filtered out. I set FALSE the global xss filtering, I use it manually, and with variables filled from tinymce textarea I use htmlentities and html_entitiy_decode, dunno it's reasonable protection or not..


Messages In This Thread
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 04-10-2011, 10:16 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 04-10-2011, 11:10 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 04-12-2011, 12:05 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-09-2011, 11:45 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-12-2011, 02:49 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-12-2011, 05:11 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-19-2011, 11:05 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-31-2011, 12:30 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 06-10-2011, 06:11 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 06-17-2011, 11:31 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 06-17-2011, 11:38 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-07-2011, 06:03 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-21-2011, 10:14 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-22-2011, 01:39 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-22-2011, 03:10 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-28-2011, 01:29 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-30-2011, 05:09 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-10-2011, 01:10 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-12-2011, 12:50 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-12-2011, 07:51 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-13-2011, 08:44 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 02-08-2012, 11:48 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-24-2012, 09:03 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 09-22-2012, 01:57 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-20-2013, 02:29 PM



Theme © iAndrew 2016 - Forum software by © MyBB