This extension sanitizes all user input ($_POST, $_GET, $_COOKIE, $_FILES) with HTML Purifier to protect against XSS.
Documentation
Requirements
- Yii 1.0 or above
Installation
- Extract the release file under protected/extensions
Usage
Add the following to your config file.
    'preload' => array('sanitizer'),
    // application components
    'components' => array(
        'sanitizer' => array(
            'class' => 'ESanitizer',
            'sanitizeGet' => false,
            'sanitizePost' => true,
            'sanitizeCookie' => true,
        ),
    ),
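The approach described at the top of this page, sketched as an added example that is not ESanitizer's own code: every string in the enabled superglobals is passed through a purifier and written back to the superglobal it came from. The function names `sanitizeValue` and `sanitizeSuperglobals` are hypothetical, the request data is constructed, and `strip_tags` stands in for HTML Purifier so the script runs without Yii.

```php
<?php
// Added example, not ESanitizer's code. $purify is any callable string -> string;
// in a Yii 1.x application that could be array(new CHtmlPurifier(), 'purify').

// Purify every string value, descending into nested arrays. Keys are kept as-is.
function sanitizeValue($value, $purify)
{
    if (is_array($value)) {
        foreach ($value as $key => $item) {
            $value[$key] = sanitizeValue($item, $purify);
        }
        return $value;
    }
    return is_string($value) ? call_user_func($purify, $value) : $value;
}

// Write each sanitized source back to the superglobal it came from.
function sanitizeSuperglobals(array $enabled, $purify)
{
    if (!empty($enabled['get']))    { $_GET    = sanitizeValue($_GET, $purify); }
    if (!empty($enabled['post']))   { $_POST   = sanitizeValue($_POST, $purify); }
    if (!empty($enabled['cookie'])) { $_COOKIE = sanitizeValue($_COOKIE, $purify); }
    if (!empty($enabled['files'])) {
        foreach ($_FILES as $field => $info) {
            // Only 'name' and 'type' are client-supplied text; tmp_name, error
            // and size are set by PHP and must not be altered.
            foreach (array('name', 'type') as $part) {
                if (isset($info[$part])) {
                    $_FILES[$field][$part] = sanitizeValue($info[$part], $purify);
                }
            }
        }
    }
}

// Constructed request data so the script runs stand-alone.
$_GET    = array('q' => '<b>raw</b>');
$_POST   = array('comment' => 'hi<script>alert(1)</script>', 'tags' => array('<i>a</i>', 'b'));
$_COOKIE = array('theme' => '<u>dark</u>');
$_FILES  = array('avatar' => array('name' => '<img src=x>me.png', 'type' => 'image/png',
                                   'tmp_name' => '/tmp/phpA1', 'error' => 0, 'size' => 12));

// strip_tags is only a placeholder so this runs without Yii; it is not an XSS filter.
sanitizeSuperglobals(
    array('get' => false, 'post' => true, 'cookie' => true, 'files' => true),
    'strip_tags'
);
print_r(array('get' => $_GET, 'post' => $_POST, 'cookie' => $_COOKIE, 'files' => $_FILES));
```

With `get` disabled, as in the configuration above, `$_GET` is left untouched, so values read from it still need escaping at output time.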
Change Log
September 10, 2009
Update:
- added support for sanitizing $_FILES (enabled by default)
- added support for nofollowing links (enabled by default)
- added support for opening links in new windows (disabled by default)
September 9, 2009
- Initial release.
How to use?
How do you use this plugin?
http://www.yiiframework.com/extension/esanitizer/
Question about $_FILES sanitization
Why are you populating $_COOKIE from the $_FILES sanitization? This is a bug. It should populate to $_FILES. Am I missing something here?