duanbimo7212 2012-08-20 19:44
浏览 80

XSS过滤不会在post codeigniter上禁用

I'm in the process of developing a basic WYSIWYG for my site and I've used this line to turn XSS filtering off

$this->input->post(NULL, FALSE); 

I have also tried


as I understand it, this should give me all postdata and not filter it, however, it appears to still be removing my <script> tags. Disregarding security concerns for now (I'll handle those still) how can I guarantee that my scripts are not removed without disabling XSS for my entire site?

P.S. I have also verified that $config['global_xss_filtering'] is set to false.

  • 写回答

1条回答 默认 最新

  • dongyoufo5672 2012-08-20 20:05

    Per the CI documentation, if you're looking to pull the whole post array without XSS, you should replace $this->input->post(NULL, FALSE); with $this->input->post();

    See http://codeigniter.com/user_guide/libraries/input.html

    本回答被题主选为最佳回答 , 对您是否有帮助呢?



    • ¥20 C语言字符串不区分大小写字典排序相关问题
    • ¥15 关于#python#的问题:我希望通过逆向技术爬取1688搜索页下滑加载的数据
    • ¥15 学习C++过程中遇到的问题
    • ¥15 关于Linux的终端里,模拟实现一个带口令保护的屏保程序遇到的输入输出的问题!(语言-c语言)
    • ¥15 学习C++过程中遇到的问题
    • ¥15 请问,这个嵌入式Linux系统怎么分析,crc检验区域在哪
    • ¥15 二分类改为多分类问题
    • ¥15 Unity微信小游戏上调用ReadPixels()方法报错
    • ¥15 如何通过求后验分布求得样本中属于两种物种其中一种的概率?
    • ¥15 q从常量变成sin函数,怎么改写python代码?