HTML Purifier, How-to create a hook for the library?

#1
[eluser]Michael;[/eluser]
I currently run the xss_clean() function global on all my CI apps, *just* in case ... I was looking over html purifier after reading a couple articles on the issue of xss security.

I did a search on the forums and came back with this thread:

http://ellislab.com/forums/viewthread/80680/#405862

But there is nothing in the wiki.

I also did a Google search and came across a few different links that shows how to use HTML Purifier as a library in CI:

http://mindloop.be/htmlpurifier-and-the-codeigniter-framework/

http://webcloud.se/article/Filtering_you...MLPurifier

http://www.jimohalloran.com/2007/10/24/b.../#more-716

With all this information, adding HTML Purifier as a library is relatively simple; but I would like to see if it's possible to use HTML Purifier as a replacement for XSS_Clean. Unfortunately I have no idea how to create hooks for CI, anyone wanna help me out with a walk through maybe?

Thanks.

#2
[eluser]Michael;[/eluser]
I'm not sure why, but until the last few minutes I had never sat down and actually read through the code in the input library ...

At this point in time I think that xss_clean() is just as secure as HTML Purifier is at the moment. I'm going to set up a test page and run through the XSS Cheat Sheet and see if anything pops. Barring that, I think running xss_clean() globally I am in pretty good shape.

I'm not sure wrote the input library, or the xss_clean() functions in particular, but I for one would just like to say i appreciate your work. Smile

Michael


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.