[eluser]Armchair Samurai[/eluser]
It seems that XSS clean is doing something odd - rather than converting to character entities, it is simply truncating the input string.
Consider this input string:
Code:
<p>この集まりのトピックやテーマは、Judith Costello とJurgen Haverの活動 や彼らの本<a href="http://www.amazon.co.jp/s/ref=nb_ss_gw/250-0763964-7014653?__mk_ja_JP=�J�^�J�i&url=search-alias=aps&field;-keywords=Zen+Parenting:+The+Art+of+Learning+What+You+Already+Know&Go;.x=12&Go;.y=14">Zen Parenting(禅式子育て)</a>に負うところが大きいです。</p>
Some basic HTML. Now, if I run this string through the xss_filter, the href is truchated to
Code:
http://www.amazon.co.jp/s/ref=nb_ss_gw/250-0763964-7014653?__mk_ja_JP=
and all text afterwards is likewise removed. I hope that's understandable, but the forum also appears to have a bug which messes up the text and I am unable to post the actual string returned.
I'm running CI 1.6.3 and PHP 5.2.1. I believe this is a bug - can anyone duplicate the error?
