About security (XSS, CSRF, etc)
#1

With this commit

https://github.com/bcit-ci/CodeIgniter/c...7364f75c4d

I see that $config['global_xss_filtering'] is now deprecated and '... XSS filtering should not be done on input data, but on output instead.'

But what does 'output' really mean? What if I just need to log user input into a file or database and I want it to be as clean as possible?

What are the golden rules about protection against attacks like XSS, CSRF, etc. using CI 3?


Messages In This Thread
About security (XSS, CSRF, etc) - by geekita - 03-01-2015, 07:45 AM
RE: About security (XSS, CSRF, etc) - by Narf - 03-01-2015, 08:41 AM
RE: About security (XSS, CSRF, etc) - by geekita - 03-01-2015, 09:16 AM


