summaryrefslogtreecommitdiffstats
path: root/user_guide_src/source/libraries/security.rst
diff options
context:
space:
mode:
authorTim Nolte <noltet@sekisui-spi.com>2015-06-08 18:25:34 +0200
committerTim Nolte <noltet@sekisui-spi.com>2015-06-08 18:25:34 +0200
commit89ed9fafd75e3b65a7691f1b13440bdedadf5eda (patch)
tree5dfa69c55ff48502527fcb6f4f532fb5ad6651ca /user_guide_src/source/libraries/security.rst
parent2ac4177b4b6afc63d594523416c3991d23dddf20 (diff)
parentb76394834a3e36e8c376913cd9666a8d7a4cea45 (diff)
Merge branch 'develop' into feature/mysqli-ssl
Diffstat (limited to 'user_guide_src/source/libraries/security.rst')
-rw-r--r--user_guide_src/source/libraries/security.rst8
1 files changed, 1 insertions, 7 deletions
diff --git a/user_guide_src/source/libraries/security.rst b/user_guide_src/source/libraries/security.rst
index ac56fc589..305a8e57c 100644
--- a/user_guide_src/source/libraries/security.rst
+++ b/user_guide_src/source/libraries/security.rst
@@ -35,12 +35,6 @@ To filter data through the XSS filter use the ``xss_clean()`` method::
$data = $this->security->xss_clean($data);
-If you want the filter to run automatically every time it encounters
-POST or COOKIE data you can enable it by opening your
-application/config/config.php file and setting this::
-
- $config['global_xss_filtering'] = TRUE;
-
An optional second parameter, *is_image*, allows this function to be used
to test images for potential XSS attacks, useful for file upload
security. When this second parameter is set to TRUE, instead of
@@ -88,7 +82,7 @@ may alter this behavior by editing the following config parameter
::
- $config['csrf_regeneration'] = TRUE;
+ $config['csrf_regenerate'] = TRUE;
Select URIs can be whitelisted from csrf protection (for example API
endpoints expecting externally POSTed content). You can add these URIs