Demos · Guide · Class Reference · Wiki · Extensions · Forum · Live Chat · Login
search

esanitizer

ESanitizer - uses HTMLPurifier to sanitize all user input
report it
3 followers

This extension sanitizes all user input ($_POST, $_GET, $_COOKIE,$_FILES) with html purifier to protect against XSS

Documentation

Requirements

  • Yii 1.0 or above

Installation

  • Extract the release file under protected/extensions

Usage

Add the following to your config file.

'preload'=>array('sanitizer'),
 
 
    // application components
    'components'=>array(
            'sanitizer' => array(
                    "class" => 'ESanitizer',
                    'sanitizeGet' =>false,
                    'sanitizePost' => true,
                    'sanitizeCookie' => true,
 
                ),
)

Change Log

September 10,2009

Update: added support for sanitizing $_FILES (enabled by default) added support for nofollowing links (enabled by default) added support for opening links in new windows (disabled by default)

September 9, 2009

  • Initial release.

Total 2 comments

#3479 report it
oldblues10 at 2011/04/14 02:46pm
Question about $_FILES sanitization

Why are you populating $_COOKIE from the $_FILES sanitization. This is a bug. It should populate to $_FILES. Am i missing something here?

#2345 report it
pcs2112 at 2010/12/15 03:44pm
How to use?

How you use this plugin?

http://www.yiiframework.com/extension/esanitizer/

Leave a comment

Please to leave your comment.

Create extension
Search Extensions
Downloads
See all »
  • License: Other Open Source License
  • Developed by: YorkSEO
  • Category: Security
  • Votes: +2 / -1
  • Downloaded: 753 times
  • Created on: Sep 9, 2009
  • Last updated: Sep 10, 2009
 

Yii Supporters

  • The Ext4Yii Framework is a professional PHP Yii extension which provides server-side ExtJS functionality.
Terms of Service | License | Contact Us
Copyright © 2013 by Yii Software LLC. All Rights Reserved.