| xss attack |
[eluser]Volkscom[/eluser]
when I use codeigniter security for preventing xss attack, it's not working properly... I set $config['global_xss_filtering'] = TRUE in the application/config/config.php file and I used the input class for getting the data like $this->input->post('usname', TRUE); But it is allowing the user to embed the malicious script into generated page and execute the script. For inserting the data in the database i used the codeigniter class.But it also insert malicious script like html tags,it is not filtering the html tags and the special characters. How to resolve this problem?. Is it need to set any other varible?. Please reply it soon..
[eluser]predat0r[/eluser]
[quote author="Volkscom" date="1307451324"]when I use codeigniter security for preventing xss attack, it's not working properly... I set $config['global_xss_filtering'] = TRUE in the application/config/config.php file and I used the input class for getting the data like $this->input->post('usname', TRUE); But it is allowing the user to embed the malicious script into generated page and execute the script. For inserting the data in the database i used the codeigniter class.But it also insert malicious script like html tags,it is not filtering the html tags and the special characters. How to resolve this problem?. Is it need to set any other varible?. Please reply it soon..[/quote] http://blog.astrumfutura.com/2011/05/cod...endations/ you're welcome! |
| Welcome Guest, Not a member yet? Register Sign In |
MENU
EXTRA MENU
ABOUT US
CodeIgniter is a powerful PHP framework with a very small footprint, built for developers who need a simple and elegant toolkit to create full-featured web applications.
