Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Does anyone know of an instance where the default XSS filter included with CodeIgniter has failed?
Does anyone know of an instance where the default XSS filter included with CodeIgniter has failed?
  • El Forum
    Guest
  •  
#1
02-02-2012, 03:34 PM

[eluser]timtocci[/eluser]
I've used HTMLPurifier with other (non codeigniter) projects and had great results. Thing is that HTMLPurifier has a big overhead. Since CodeIgniter has a filtering built in I've never thought about using anything else. Recently, I've noticed a few wiki entries about using the HTMLPurifier system with CodeIgniter. That's why I ask the question: Does anyone know of an instance where the default XSS filter included with CodeIgniter has failed? And if so, where and under what conditions?
  • El Forum
    Guest
  •  
#2
02-02-2012, 03:49 PM

[eluser]CroNiX[/eluser]
Never heard of it happening, but I'm interested if others have as well.
  • El Forum
    Guest
  •  
#3
02-02-2012, 06:23 PM

[eluser]InsiteFX[/eluser]
I never have!
  • El Forum
    Guest
  •  
#4
02-03-2012, 12:18 AM

[eluser]PhilTem[/eluser]
I never had any problems with the CI XSS-filter. But what exactly do you mean with 'has failed'? Failed by filtering too much or by filter too less? Just curious Wink

If anybody else had failed experiences with CI's XSS-filter, I'd like to hear, too Wink




Theme © iAndrew 2016 - Forum software by © MyBB