XSS_filtering
#3

(10-18-2018, 09:23 PM) kilishan Wrote: I think you're in the wrong forum. CI4 doesn't have an xss_clean method. Instead it provides the esc() method to escape data in views.

But what it means is that you don't escape data when you get it from the user. Different contexts need different types of escaping. For example, escaping for safety within a database is different than for when it's viewed on a web page. Instead, escape it when you need to use it so you can choose the proper way to handle it.

Yes, I posted a topic on the wrong side of the forum.

I am not a native English speaker, so sometimes I have doubts about best practice in CodeIgniter.
I am developing a web app and my goal is to keep a high level of security.

Thank You anyway.

P.S. Do you think it is early to be developing apps with CI 4?
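The point made in the quoted reply, storing input as received and escaping it for each context at the point of use, as an added example that is not part of the thread or of CodeIgniter's own code. It uses plain PHP functions so it runs without the framework (in CI4 views, the esc() helper mentioned above takes a context argument for the same purpose); the sample string, table name and helper names are constructed for illustration, and the pdo_sqlite extension is assumed to be installed.

```php
<?php
// Added example: plain PHP stand-ins for context-specific output escaping.
// $comment is constructed sample input, kept exactly as the user sent it.
$comment = "O'Reilly <b>says</b> \"hi\" & </script>";

// Database context: a bound parameter, not string escaping.
// Assumes the pdo_sqlite extension is available.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)');
$stmt = $db->prepare('INSERT INTO comments (body) VALUES (:body)');
$stmt->execute([':body' => $comment]);

// Read back: the stored value is the original input, unmodified.
$stored = $db->query('SELECT body FROM comments WHERE id = 1')->fetchColumn();

function escHtml(string $s): string
{
    // HTML body text and quoted attribute values.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function escJs(string $s): string
{
    // A JavaScript string literal placed inside a <script> block.
    // The HEX flags keep "</script>" and quotes from ending the block early.
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    return json_encode($s, $flags | JSON_THROW_ON_ERROR);
}

function escUrl(string $s): string
{
    // A single query-string component.
    return rawurlencode($s);
}

// The same stored value, rendered safely in four different contexts.
echo 'HTML body : <p>' . escHtml($stored) . "</p>\n";
echo 'Attribute : <input value="' . escHtml($stored) . "\">\n";
echo 'JS string : <script>var c = ' . escJs($stored) . ";</script>\n";
echo 'URL param : <a href="/search?q=' . escUrl($stored) . "\">search</a>\n";
```

Each output line encodes the same stored string differently, which is why a single filter applied at input time cannot be correct for all of them.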


Messages In This Thread
XSS_filtering - by emilio - 10-18-2018, 02:19 PM
RE: XSS_filtering - by kilishan - 10-18-2018, 09:23 PM
RE: XSS_filtering - by emilio - 10-19-2018, 05:31 AM


