Fix #346 When ['global_xss_filtering'] was turned on, the , , & superglobals were automatically overwritten. This resulted in one of the following problems: - xss_clean() being called twice - Inability to retrieve the original (not filtered) value XSS filtering is now only applied on demand by the Input class, and the default value for the parameter in CI_Input methods is changed to NULL. Unless a boolean value is passed to them, whether XSS filtering is applied depends on the ['global_xss_filtering'] value.

commit: 80a16b1cd0d4716b5ea41497685a8fac02e34333 [log] [tgz]
author: Andrey Andreev <narf@devilix.net> Wed Jan 08 17:19:03 2014 +0200
committer: Andrey Andreev <narf@devilix.net> Wed Jan 08 17:19:03 2014 +0200
tree: 3705897a0412c65f0ff4e01f6733a67217064bff
parent: fb614478990694c3622baee2d01b414638c26508 [diff] [blame]
diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php
index 5cdcdd1..a79083a 100644
--- a/system/helpers/cookie_helper.php
+++ b/system/helpers/cookie_helper.php

@@ -74,8 +74,9 @@
 	 * @param	bool
 	 * @return	mixed
 	 */
-	function get_cookie($index, $xss_clean = FALSE)
+	function get_cookie($index, $xss_clean = NULL)
 	{
+		is_bool($xss_clean) OR $xss_clean = (config_item('global_xss_filtering') === TRUE);
 		$prefix = isset($_COOKIE[$index]) ? '' : config_item('cookie_prefix');
 		return get_instance()->input->cookie($prefix.$index, $xss_clean);
 	}
commit	80a16b1cd0d4716b5ea41497685a8fac02e34333	[log] [tgz]
author	Andrey Andreev <narf@devilix.net>	Wed Jan 08 17:19:03 2014 +0200
committer	Andrey Andreev <narf@devilix.net>	Wed Jan 08 17:19:03 2014 +0200
tree	3705897a0412c65f0ff4e01f6733a67217064bff
parent	fb614478990694c3622baee2d01b414638c26508 [diff] [blame]