Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion URL via javascript into CodeIgniter
URL via javascript into CodeIgniter
  • El Forum
    Guest
  •  
#2
06-22-2007, 05:49 PM

[eluser]Phil Sturgeon[/eluser]
I'm betting your trouble comes from lines 503-504 of libraries/Input.php

Code:
$str = preg_replace("/&#xu0;([a-z0-9]{3})/i", "&#x\\1;", $str);
        $str = preg_replace("/%([a-z0-9]{2})/i", "&#x\\1;", $str);

This should be disabled in the /config/config.php but perhaps its either on or not working for you.

If you can set:

Code:
$config['global_xss_filtering'] = FALSE;

If it is already false, then either comment out the two lines I mentioned in the input library, or include an if saying

Code:
$CI =& get_instance();
    if($CI->uri->router->class != 'bookmarks' and $CI->uri->router->method != 'add'):
            $str = preg_replace("/&#xu0;([a-z0-9]{3})/i", "&#x\\1;", $str);
        $str = preg_replace("/%([a-z0-9]{2})/i", "&#x\\1;", $str);
    endif;

Then this XSS_CLEAN function will only run if its not this page. anyone got a batter idea? >.<


Messages In This Thread
URL via javascript into CodeIgniter - by El Forum - 06-22-2007, 09:29 AM
URL via javascript into CodeIgniter - by El Forum - 06-22-2007, 05:49 PM
URL via javascript into CodeIgniter - by El Forum - 06-23-2007, 06:08 AM
URL via javascript into CodeIgniter - by El Forum - 06-23-2007, 12:26 PM
URL via javascript into CodeIgniter - by El Forum - 06-24-2007, 04:49 PM



Theme © iAndrew 2016 - Forum software by © MyBB