From 61ac7bdd8291251f5709a3212b234ea5030340ef Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 1 Sep 2015 12:07:25 +0300 Subject: [ci skip] Reduce/improve wording of xss_clean() description --- user_guide_src/source/libraries/security.rst | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) (limited to 'user_guide_src') diff --git a/user_guide_src/source/libraries/security.rst b/user_guide_src/source/libraries/security.rst index 2cbe46f4d..f7604ef00 100644 --- a/user_guide_src/source/libraries/security.rst +++ b/user_guide_src/source/libraries/security.rst @@ -16,16 +16,11 @@ application, processing input data for security. XSS Filtering ************* -CodeIgniter comes with a Cross Site Scripting Hack prevention filter -which can either run automatically to filter all POST and COOKIE data -that is encountered, or you can run it on a per item basis. By default -it does **not** run globally since it requires a bit of processing -overhead, and since you may not need it in all cases. - -The XSS filter looks for commonly used techniques to trigger Javascript -or other types of code that attempt to hijack cookies or do other -malicious things. If anything disallowed is encountered it is rendered -safe by converting the data to character entities. +CodeIgniter comes with a Cross Site Scripting prevention filter, which +looks for commonly used techniques to trigger JavaScript or other types +of code that attempt to hijack cookies or do other malicious things. +If anything disallowed is encountered it is rendered safe by converting +the data to character entities. To filter data through the XSS filter use the ``xss_clean()`` method:: -- cgit v1.2.3-24-g4f1b