what is XSS filtering in Codeigniter


what is the use of xss filtering in codeigniter?how can we use this?

sahithi_naidu Train Asked on April 14, 2015 in Software.
Add Comment
1 Answer(s)

XSS (Cross-site Scripting Hacks) filtering.

CodeIgniter comes with a Cross Site Scripting Hack prevention filter which can either run automatically to filter all POST and COOKIE data that is encountered, or you can run it on a per item basis. By default it does not run globally since it requires a bit of processing overhead, and since you may not need it in all cases.

The XSS filter looks for commonly used techniques to trigger Javascript or other types of code that attempt to hijack cookies or do other malicious things. If anything disallowed is encountered it is rendered safe by converting the data to character entities.

XSS Protection functionality is turned off by default. To turn on this functionality, you simply either set the global configuration (i.e. system/application/config/config.php)…

$config[‘global_xss_filtering’] = TRUE;

…or, you can do it manually within your controller(s) like so…

$myvar = $this->input->xss_clean($data);


radhika Train Answered on April 14, 2015.
Add Comment

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.