Online documentation for Global XSS Filtering section |
(05-26-2015, 09:20 AM)sparky672 Wrote: The online documentation for "XSS Filtering" here... It shouldn't mention it at all on that page ... https://github.com/bcit-ci/CodeIgniter/c...0bb8c52f05 (05-26-2015, 09:20 AM)sparky672 Wrote: Since the online documentation is missing this information, what is the best practice for global XSS filtering on a new project? Don't use it (because it's deprecated)? Do something else? Do nothing? Stick with per-item processing? What? Use xss_clean() when outputting user-supplied data, or let a templating engine like Twig do that for you - IMO, automatic XSS escaping are the only thing templating engines are useful for anyway ... |
Messages In This Thread |
Online documentation for Global XSS Filtering section - by sparky672 - 05-26-2015, 09:20 AM
RE: Online documentation for Global XSS Filtering section - by Narf - 05-27-2015, 09:16 AM
RE: Online documentation for Global XSS Filtering section - by sparky672 - 05-27-2015, 09:54 AM
RE: Online documentation for Global XSS Filtering section - by Narf - 05-27-2015, 01:31 PM
|