Cakephp Security and Sanitize in Views

Developer https://www.devze.com 2023-03-24 13:39 Source: Internet
I have a bunch of data getting passed from controllers to views. Is there a quick way to grab all the data being passed from the controllers, like in AppController beforeRender and do a sanitize->html on that data?


Quick way: App::import('Sanitize'); in the model and sanitize everything in beforeSave

Cake cookbook advises a different way though:

For sanitization against XSS it's generally better to save raw HTML in database without modification and sanitize at the time of output/display.
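
A sketch of both approaches from this thread, added here as an example and not taken from the original posts or from CakePHP: escaping everything bound for the view in one pass (what the question asks for), and the double-encoding that results when the data was also escaped in beforeSave. escape_view_vars() and the sample data are hypothetical; in a Cake controller the helper would be applied to $this->viewVars in beforeRender, which is assumed here rather than shown.

```php
<?php
// Added example in plain PHP; escape_view_vars() is a hypothetical helper,
// not a CakePHP API. It assumes the values end up in HTML text or quoted
// attribute values; data bound for JavaScript or URLs needs other encoding.

/**
 * Recursively HTML-escape every string in the data handed to a view.
 * Integers, floats, booleans and null pass through unchanged.
 * Objects are returned as-is and are not escaped.
 */
function escape_view_vars($data)
{
    if (is_array($data)) {
        $out = array();
        foreach ($data as $key => $value) {
            $out[$key] = escape_view_vars($value);
        }
        return $out;
    }
    if (is_string($data)) {
        return htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
    }
    return $data;
}

// Constructed sample: a row stored raw in the database.
$viewVars = array(
    'post' => array(
        'id'    => 7,
        'title' => 'Tom & Jerry <script>alert(1)</script>',
        'tags'  => array('a"b', "it's"),
    ),
);

// Escape once, at output time: markup characters become entities.
$safe = escape_view_vars($viewVars);
echo $safe['post']['title'], "\n";
echo implode(', ', $safe['post']['tags']), "\n";

// Escape in beforeSave and again at output: the stored "&amp;" has its
// ampersand encoded a second time, so the page shows a literal "&amp;".
$stored = htmlspecialchars('Tom & Jerry', ENT_QUOTES, 'UTF-8');
echo htmlspecialchars($stored, ENT_QUOTES, 'UTF-8'), "\n";
```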
