xss_clean 在 Codeigniter 2 中工作正常但在 Codeigniter 4 中不行?
xss_clean in Codeigniter 2 work fine but in Codeigniter 4 doesn't?
我正在尝试将 codeigniter 2 中的系统迁移到同一框架的版本 4,但是当我想在 CI4 中执行函数 $nomUsr = $ security-> xss_clean ($ this-> input-> post ('nomUsr')); 时,出现此 returns 错误。我忘记将某些内容加载到另一个文件中,或者 xss_clean 不再用于 codeigniter 4?
非常感谢!!
CI4 没有 xss_clean 功能,因为这是防止 XSS 的错误方法。这是 official reply
XSS_clean should be conspired deprecated. That's a not a recommended
practice to rely on. You should filter your inputs AND escape your
outputs.
Input:
https://codeigniter4.github.io/userguide/libraries/validation.html
https://codeigniter4.github.io/userguide/incoming/incomingrequest.html#retrieving-input
"Filtering Input Data"
Output:
https://codeigniter4.github.io/userguide/outgoing/view_renderer.html#escaping-data
https://codeigniter4.github.io/userguide/outgoing/view_renderer.html#escaping-contexts
我正在尝试将 codeigniter 2 中的系统迁移到同一框架的版本 4,但是当我想在 CI4 中执行函数 $nomUsr = $ security-> xss_clean ($ this-> input-> post ('nomUsr')); 时,出现此 returns 错误。我忘记将某些内容加载到另一个文件中,或者 xss_clean 不再用于 codeigniter 4?
非常感谢!!
CI4 没有 xss_clean 功能,因为这是防止 XSS 的错误方法。这是 official reply
XSS_clean should be conspired deprecated. That's a not a recommended practice to rely on. You should filter your inputs AND escape your outputs.
Input: https://codeigniter4.github.io/userguide/libraries/validation.html https://codeigniter4.github.io/userguide/incoming/incomingrequest.html#retrieving-input "Filtering Input Data"
Output: https://codeigniter4.github.io/userguide/outgoing/view_renderer.html#escaping-data https://codeigniter4.github.io/userguide/outgoing/view_renderer.html#escaping-contexts