How can I be as security tight as possible?
#6

darkhouse
I generally do all my XSS filtering in the rules of my form validation. That way I can apply it only to the ones that absolutely need it, and do other things in other fields to make sure they don't allow XSS even without using the XSS filter. For example, if you're accepting any field that should be a number, just use the rule 'numeric', because if it is a number, it can't have any XSS in it, and you didn't need to use the beefy XSS filter to prove that. 'valid_email' is another one. For things like postal/zip codes and things you know a certain format for, you can (and should) write a callback to make sure they're in that format, which would alleviate the need for XSS as well.
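The per-field approach described in the post above, as an added example that is not part of the original post. It assumes CodeIgniter 2.x class naming; the controller, field names, view names and the US ZIP format are hypothetical.

```php
<?php
// Added example: hypothetical controller, field names and views (not from the thread).
class Signup extends CI_Controller {

    public function index()
    {
        $this->load->library('form_validation');

        // Strict type/format rules: a value that passes cannot carry markup,
        // so these fields do not need the XSS filter.
        $this->form_validation->set_rules('age', 'Age', 'required|numeric');
        $this->form_validation->set_rules('email', 'Email', 'required|valid_email');
        $this->form_validation->set_rules('zip', 'ZIP code', 'required|callback_zip_check');

        // Free text has no fixed format, so it is the one field given xss_clean.
        $this->form_validation->set_rules('bio', 'Bio', 'trim|max_length[500]|xss_clean');

        if ($this->form_validation->run() === FALSE) {
            // Redisplay the form with validation errors.
            $this->load->view('signup_form');
            return;
        }
        $this->load->view('signup_ok');
    }

    // Callback for the 'callback_zip_check' rule: accepts 12345 or 12345-6789.
    public function zip_check($str)
    {
        // \A and \z anchor the whole string; "$" alone would accept a trailing newline.
        if (preg_match('/\A\d{5}(-\d{4})?\z/', $str) === 1) {
            return TRUE;
        }
        $this->form_validation->set_message(
            'zip_check',
            'The %s field must look like 12345 or 12345-6789.'
        );
        return FALSE;
    }
}
```

Validation constrains what is accepted; values echoed back into a page should still be escaped at output time.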




