关闭全局XSS过滤功能。控制器？ [英] Turn off Global XSS Filtering for spec. controller?

问题描述

旧问题：CodeIgniter => Facebook应用程序取消授权

Edit2：我刚刚意识到这个问题....

  | ------------------------------------------------ -------------------------- 
 |全局XSS过滤
 | ------------------------------------------ -------------------------------- 
 | 
 |确定当GET，POST或
 |时XSS过滤器是否始终处于活动状态COOKIE数据遇到
 | 
 * / 
 $ config ['global_xss_filtering'] = TRUE; 
  

CodeIgniter阻止没有特定令牌作为隐藏值的POST请求...

现在问题是：可以关闭特定控制器吗？

解决方案

您可以选择性地使用本指南来禁用 global_xss_filtering ： Codeigniter - 根据帖子禁用XSS筛选

I'm developing project integrated with FB and I have problem with Deautharization (when user remove App from his Authorized Apps)

Old Question: CodeIgniter => Facebook App Deauthorization

Edit2: I just realized the problem....

|--------------------------------------------------------------------------
| Global XSS Filtering
|--------------------------------------------------------------------------
|
| Determines whether the XSS filter is always active when GET, POST or
| COOKIE data is encountered
|
*/
$config['global_xss_filtering'] = TRUE;

CodeIgniter block POST requests that don't have specific token as hidden value...

So question now is : can I turn it off for specific controller ?

解决方案

You can disable global_xss_filtering selectively using this guide: Codeigniter - Disable XSS filtering on a post basis

这篇关于关闭全局XSS过滤功能。控制器？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！