Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
How do I stop CodeIgniter adding semicolons ; to data sent via POST that contains ampersand &?
For example it is converting “a=1&b=2&c=3” into “a=1&b;=2&c;=3”. From looking on the forums it seems to be XSS filtering, which I don’t want to disable site-wide only for 1 controller, so I tried the code below but it’s still doing it:
$this->config->set_item('global_xss_filtering',false);
I’m not using XSS filtering, since it still have bug in it. For example, you will not be able to post a form that have youtube embed code in it when XSS filtering is on. I only use the filter per field that I want it to sanitized.
If your form is working with XSS filtering turned off, then turned it off. If you need to sanitize it against XSS attack, maybe consider another library, such as HTML purifier.