Changeset 648 for trunk/application/config/config.php

Timestamp:

10/04/2007 03:32:31 PM (14 months ago)

Author:

Shadowhand

Message:

Updated Input, replacing xss_clean() with a function by Christian Stocker. This function is blazing fast and does most of the right stuff.

Other changes are spit shine.

Files:

• trunk/application/config/config.php (modified) (1 diff)

trunk/application/config/config.php

@@ -58 +58 @@
 */
 $config['permitted_uri_chars'] = 'a-z 0-9~%.:_-';
+
+/*
+| -----------------------------------------------------------------------------
+| Global XSS Filtering
+| -----------------------------------------------------------------------------
+|
+| Enable or disable global XSS (Cross-Site-Scripting) attack filtering on all
+| user input, include POST, GET, and FILES.
+|
+*/
+$config['global_xss_filtering'] = TRUE;
 
 /*