发表新帖
发表新帖

Codeigniter - Disable XSS filtering on a post basis

后端 未结
关注
7 1788
予麋鹿
予麋鹿 2020-12-03 03:25

I\'m trying to set up a CMS on the back of a site but whenever post data has a in it the post data gets scrapped.

I\'ve got $config

7条回答
  • 旧巷少年郎
    旧巷少年郎 (楼主)
    2020-12-03 03:36

    If you want to keep global xss_clean enabled and override on only certain cases, you can extend the Input library to keep a clone of $_POST for providing raw data when asked:

    _POST_RAW = $_POST; //clone raw post data 
    parent::__construct(); 
}

public function post($index = null, $xss_clean = TRUE) { 
    if(!$xss_clean){ //if asked for raw post data -eg. post('key', false)-, return raw data. Use with caution.
        return $this->_POST_RAW[$index];
    }
    return parent::post($index, $xss_clean); 
    }
}
?>

    This way you can use $this->input->post('mydata', FALSE) to retrieve un-sanitized raw post data even if xss_clean is enabled globally.

    0 讨论(0)
 看不清?
提交回复
热议问题