filter input - escape output
Basically, you escape the output by using `html_escape()` in your view files.
https://www.codeigniter.com/userguide3/h...eld-values
It is an alias for `htmlspecialchars()`. But in some places, using `html_escape()` is not enough. See https://www.owasp.org/index.php/XSS_%28C...es_Summary
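To illustrate the places where `html_escape()` alone is not enough, here is an added example that is not part of the original thread. It uses plain `htmlspecialchars()` as a stand-in for `html_escape()` so it runs without CodeIgniter; the helper names `e()` and `safe_href()` and all sample values are hypothetical.

```php
<?php
// Added example: output encoding chosen per output context.
// Constructed samples of untrusted input.
$name = '"><b>Bob</b> & Co';
$link = 'javascript:void(0)';

// Stand-in for html_escape(): HTML entity encoding, both quote types.
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// URL attributes: entity encoding leaves the scheme untouched, so the
// scheme is allow-listed first. Anything else (including relative or
// unparsable values) fails closed to "#".
function safe_href(string $url): string {
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? e($url) : '#';
}

// 1. Element content: entity encoding is sufficient.
echo '<p>Hello, ' . e($name) . "</p>\n";

// 2. Attribute value: sufficient only because the attribute is quoted.
echo '<input type="text" name="n" value="' . e($name) . "\">\n";

// 3. href/src: e($link) would still emit a working javascript: URL,
//    so validate the scheme before escaping.
echo '<a href="' . safe_href($link) . "\">profile</a>\n";

// 4. Query-string component: percent-encode the value, then
//    entity-encode the finished URL for the attribute.
$url = 'https://example.com/search?q=' . rawurlencode($name);
echo '<a href="' . e($url) . "\">search</a>\n";

// 5. Inline <script>: HTML entities are not decoded inside script
//    blocks, so emit a JSON literal with <, >, &, ' and " hex-escaped.
$flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
echo '<script>var userName = ' . json_encode($name, $flags) . ";</script>\n";
```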
Messages In This Thread
filter input - escape output - by edoramedia - 05-22-2016, 01:05 AM
RE: filter input - escape output - by kenjis - 05-22-2016, 02:01 AM
RE: filter input - escape output - by edoramedia - 05-22-2016, 02:11 AM
RE: filter input - escape output - by kenjis - 05-22-2016, 02:36 AM
RE: filter input - escape output - by ivantcholakov - 05-22-2016, 07:29 AM
RE: filter input - escape output - by cartalot - 05-22-2016, 12:21 PM