esanitizer

Yii Framework Extensions

Createnew extension

Popular Tags

esanitizer ESanitizer - uses HTMLPurifier to sanitize all user input

Documentation
Change Log

This extension sanitizes all user input ($_POST, $_GET, $_COOKIE,$_FILES) with html purifier to protect against XSS

Documentation ¶

Requirements ¶

Yii 1.0 or above

Installation ¶

Extract the release file under protected/extensions

Usage ¶

Add the following to your config file.

'preload'=>array('sanitizer'),

	
	// application components
	'components'=>array(
			'sanitizer' => array(
					"class" => 'ESanitizer',
					'sanitizeGet' =>false,
					'sanitizePost' => true,
					'sanitizeCookie' => true,

				),
)

Change Log ¶

September 10,2009 ¶

Update: added support for sanitizing $_FILES (enabled by default) added support for nofollowing links (enabled by default) added support for opening links in new windows (disabled by default)

September 9, 2009 ¶

Initial release.

2 1

4 followers

930 downloads

Yii Version: 1.1

License: (not set)

Category: Security

Tags:

Developed by: YorkSEO

Created on: Sep 9, 2009

Last updated: 15 years ago

Downloads

ESanitizer.zip

show all

User Contributed Notes 2

#2345

0 0

How to use?

How you use this plugin?

http://www.yiiframework.com/extension/esanitizer/

pcs2112 at Dec 15, 2010, 8:44:32 PM

#3479

0 0

Question about $_FILES sanitization

Why are you populating $_COOKIE from the $_FILES sanitization. This is a bug. It should populate to $_FILES. Am i missing something here?

oldblues10 at Apr 14, 2011, 6:46:24 PM

Categories