[SOLVED] xss not stripping script on ajax requests
#1

[eluser]bobbob[/eluser]
When ajax sends a script tag it gets URL-encoded. I can't put it in here as it gets removed, which is great, but somehow when I run form_validation on it with xss it still gets through as a script tag to the db.

Receiving controller code that validates the list name:

Code:
public function create_new_list()
{
  $status['status'] = 0;
  $status['message'] = S_ERROR;
  $this->load->library('form_validation');
  $this->form_validation->set_rules('name', 'name', 'required|xss');
  $this->form_validation->set_rules('emails', 'emails', 'required|xss');
  if ($this->form_validation->run() != FALSE) {
    $list_id = $this->lists_model->create_new_list($_POST['name'], $this->session->userdata('user_id'));
    $status = $this->lists_model->add_to_email_list($_POST['emails'], $list_id);
  }
  echo json_encode($status);
}

Emails are validated in the model. I am concerned with $_POST['name'].
Did I misunderstand the validation class?
#2

[eluser]CroNiX[/eluser]
It's probably because there isn't a validation rule/prepping function called "xss". It's called "xss_clean".
#3

[eluser]bobbob[/eluser]
Funny that I missed that!!
Thanks!!
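
Added example (not part of the thread and not CodeIgniter's own code): in this thread the misspelled rule `xss` raised no error and the value reached the database uncleaned, so a small check over the rule strings can catch such typos before deployment. The function name `unknown_rules` and the contents of `$known` are assumptions made for illustration; fill `$known` from the Form_validation class of the CodeIgniter version in use.

```php
<?php
// Added example: flag rule names in a form_validation rule string that
// resolve to nothing. $known is a constructed, partial list of rule names.

function unknown_rules(string $ruleString, array $known, array $callbacks = []): array
{
    $unknown = [];
    foreach (explode('|', $ruleString) as $rule) {
        $rule = trim($rule);
        if ($rule === '') {
            continue;
        }
        // Strip a parameter such as min_length[5] -> min_length
        $name = preg_replace('/\[.*\]$/', '', $rule);
        if (strncmp($name, 'callback_', 9) === 0) {
            // callback_foo must match a controller method named foo
            if (!in_array(substr($name, 9), $callbacks, true)) {
                $unknown[] = $name;
            }
            continue;
        }
        // A rule is either a library rule or a native PHP function (e.g. trim)
        if (!in_array($name, $known, true) && !function_exists($name)) {
            $unknown[] = $name;
        }
    }
    return $unknown;
}

// Constructed subset of rule names, for the demonstration only.
$known = ['required', 'min_length', 'max_length', 'valid_email', 'xss_clean'];

// Rule strings from the thread: as first posted, and as corrected in reply #2.
$rules = [
    'name (as posted)' => 'required|xss',
    'name (corrected)' => 'required|xss_clean',
];

foreach ($rules as $label => $ruleString) {
    $bad = unknown_rules($ruleString, $known);
    echo $label, ': ', $bad ? 'unknown rule(s): ' . implode(', ', $bad) : 'ok', PHP_EOL;
}
```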



