Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Installation & Setup Online documentation for Global XSS Filtering section
Online documentation for Global XSS Filtering section
  • Offline sparky672
    Junior Member
  • **
  • Posts: 13
    Threads: 3
    Joined: Apr 2015
    Reputation: 0
#1
05-26-2015, 09:20 AM
(This post was last modified: 05-26-2015, 09:22 AM by sparky672.)

The online documentation for "XSS Filtering" here...

http://www.codeigniter.com/user_guide/li...-filtering

says this:

Quote:If you want the filter to run automatically every time it encounters POST or COOKIE data you can enable it by opening your application/config/config.php file and setting this:
Code:
$config['global_xss_filtering'] = TRUE;

However, when I go to the config.php file and look at this section, I see the following comments:

Quote:
Code:
| WARNING: This feature is DEPRECATED and currently available only
|          for backwards compatibility purposes!

So if it's deprecated, shouldn't the online documentation also state this and explain more about it?

Since the online documentation is missing this information, what is the best practice for global XSS filtering on a new project?  Don't use it (because it's deprecated)?  Do something else?  Do nothing?  Stick with per-item processing?  What?
Reply


Messages In This Thread
Online documentation for Global XSS Filtering section - by sparky672 - 05-26-2015, 09:20 AM



Theme © iAndrew 2016 - Forum software by © MyBB