Paul Bill

Just another Web Developer


CodeIgniter’s xss_clean Function Doesn’t Work

Well, it does, but just not in the way I was expecting. It removes all HTML that it considers dangerous. However, it will let some HTML elements through. When I ran my simple login script through a web vulnerability scanner, it reported cross-site scripting (XSS) vulnerabilities that I was not expecting. If you are not accepting any HTML in your input […]

© Paul Bill 2022. All rights reserved.