global xss

[eluser]Flying Fish[/eluser]
I enabled global XSS filtering in my config file

Code:

./system/application/config/config.php

Code:

$config['global_xss_filtering'] = TRUE;

This means I never have to add xss_clean in my validation rules, is that right?

[eluser]TheFuzzy0ne[/eluser]
Yes. Any input sent via the post method will be automatically sanitized for you.

[eluser]Flying Fish[/eluser]
Great thanks. I'm doing so much with forms that it just seemed to make sense to enable it globally.