894   CodeIgniter PHP XSS

CI 的Security类提供了XSS过滤的函数

$this->secutry->xss_clean();

获取表单输入时,进行XSS过滤也很简单,input类已经集成了,

// 过滤XSS
$content = $this->input->post($content,TRUE);
// 不过滤
$name = $this->input->get($name,FALSE);

如果你想全局过滤所有的输入,只需在config.php设置即可

$config['global_xss_filtering'] = TRUE;

官网资料:https://codeigniter.com/user_guide/libraries/input.html?highlight=xss




Leave a Reply

Your email address will not be published. Required fields are marked *