Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Can a URI var ever be malicious?
Can a URI var ever be malicious?
  • El Forum
    Guest
  •  
#2
04-19-2012, 02:13 PM

[eluser]luismartin[/eluser]
You are preventing from SQL injections by using CI's active record, but not from XSS attacks (javascript).
To do so, you can perform different steps:

- To set the XSS filtering config variable to TRUE: $config['global_xss_filtering'] = TRUE;

- To set to TRUE the second parameter of the post() and get() methods of Input class:
$clean_data = $this->input->post('myfield', true);

- To use the xss_clean method of Security class:
$clean_data = $this->security->xss_clean($data);


Messages In This Thread
Can a URI var ever be malicious? - by El Forum - 04-19-2012, 10:00 AM
Can a URI var ever be malicious? - by El Forum - 04-19-2012, 02:13 PM
Can a URI var ever be malicious? - by El Forum - 04-19-2012, 10:38 PM
Can a URI var ever be malicious? - by El Forum - 04-19-2012, 11:02 PM
Can a URI var ever be malicious? - by El Forum - 04-19-2012, 11:04 PM
Can a URI var ever be malicious? - by El Forum - 04-20-2012, 10:27 AM
Can a URI var ever be malicious? - by El Forum - 04-20-2012, 10:44 AM



Theme © iAndrew 2016 - Forum software by © MyBB