Overriding Code Igniter 2.14's global_xss_filtering settting
- by user2353007
I have created the following file at:
application/core/MY_Security.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/*
* Does not work with global xss
*/
class MY_Security extends CI_Security
{
function xss_clean($str, $is_image = FALSE)
{
$CI =& get_instance();
$CI->load->library('My_cleaner');
return $CI->my_cleaner->clean_html($str);
}
}
this works great for $this-input-post('post_var', TRUE);
and
$this-security-xss_clean($input);
It is working very well except when I go into application/config/config.php and change
$config['global_xss_filtering] = FALSE;
to
$config['global_xss_filtering] = TRUE;
in that case, I just get a white page on every controllers action/function.
Does anybody know what else I have to change to get global_xss_filtering = TRUE; to work when overriding the xss_clean function in system/core/Security.php through application/core/MY_Security.php?
I'm guessing it might be something with the loader but I'm not sure where to start. The next option is to just replace the function in the system/core/Security.php file which I am trying to avoid.
Thanks.