Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR
  • El Forum
    Unregistered
  •  
#16
07-28-2011, 01:29 AM

[eluser]P.T.[/eluser]
We turned off the XSS filtering in the config file and extended the Input class. We turned on XSS filtering as default for every function in our MY_Input. So as long as we don't sent a "FALSE" as second parameter in functions like $this->input->post(), the field is XSS filtered.

We also extended the Securty class with our own MY_Security. When a FALSE is sent to $this->input->post(), the field gets still XSS cleaned, but only then with less options. The style tag for example ain't filtered.

This way our regular fields are filtered the normal way and our CKEditor fields are filtered, but not as thoroughly as the regular fields. Seems to work quiet okay this way Smile


Messages In This Thread
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 04-10-2011, 10:16 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 04-10-2011, 11:10 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 04-12-2011, 12:05 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-09-2011, 11:45 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-12-2011, 02:49 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-12-2011, 05:11 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-19-2011, 11:05 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 05-31-2011, 12:30 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 06-10-2011, 06:11 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 06-17-2011, 11:31 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 06-17-2011, 11:38 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-07-2011, 06:03 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-21-2011, 10:14 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-22-2011, 01:39 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-22-2011, 03:10 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-28-2011, 01:29 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-30-2011, 05:09 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-10-2011, 01:10 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-12-2011, 12:50 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-12-2011, 07:51 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-13-2011, 08:44 PM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 02-08-2012, 11:48 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 07-24-2012, 09:03 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 09-22-2012, 01:57 AM
GLOBAL XSS FILTERING on 2.0.2 and CKEDITOR - by El Forum - 08-20-2013, 02:29 PM



Theme © iAndrew 2016 - Forum software by © MyBB