Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Filter #48

Open
g105b opened this issue Apr 24, 2019 · 0 comments

Comments

1 participant
@g105b
Copy link
Member

commented Apr 24, 2019

Even though XSS isn't really a threat when using the DOM, most user input probably wants to be put through something like strip_tags. Someone's username of <script>alert("pwned")</script> would be nice to clean up.

Register a callback function to filter all user input, or just particular keys.

Idea:

$this->input->filter([$myClass, "filterInput"]) to pass EVERY kvp through your callback.
$this->input->filter([$myClass, "filterInput"], "name", "postcode") to only pass name and postcode kvps through your callback.

@g105b g105b added the enhancement label Apr 24, 2019

@g105b g105b added this to the v2 milestone Apr 24, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.