cdub

Reputation: 25751

CakePHP Security and Sanitize in Views

I have a bunch of data getting passed from controllers to views. Is there a quick way to grab all the data being passed from the controllers, like in AppController beforeRender and do a sanitize->html on that data?

Upvotes: 0

Views: 403

Answers (1)

Anh Pham

Reputation: 5481

Quick way: App::import('Sanitize'); in the model and sanitize everything in beforeSave

Cake cookbook advises a different way though:

For sanitization against XSS it's generally better to save raw HTML in database without modification and sanitize at the time of output/display.

Upvotes: 1
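
The output-time approach from the cookbook quote, applied to the question's idea of escaping everything handed to the view, as an added example that is not part of the original answer or CakePHP's own code. It is plain PHP: `escape_view_vars()` is a hypothetical helper and the sample array is constructed.

```php
<?php
// Hypothetical helper (not a CakePHP API): HTML-escape every string in a
// nested array of view data, leaving the stored/raw copy untouched.
function escape_view_vars($value)
{
    if (is_array($value)) {
        $out = array();
        foreach ($value as $key => $item) {
            // Keys are kept as-is so views can still look fields up by name.
            $out[$key] = escape_view_vars($item);
        }
        return $out;
    }
    if (is_string($value)) {
        // ENT_QUOTES covers both quote styles for quoted attribute values.
        // ENT_SUBSTITUTE (PHP 5.4+) replaces invalid UTF-8 instead of
        // returning an empty string for the whole value.
        return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
    // Integers, floats, booleans and null pass through unchanged. Objects
    // also pass through: escape their fields where they are printed.
    return $value;
}

// Constructed sample, shaped like a model find() result passed to a view.
$raw = array(
    'title'    => 'Comments for "Tom & Jerry"',
    'comments' => array(
        array('Comment' => array('id' => 7, 'body' => '<script>alert(1)</script>')),
        array('Comment' => array('id' => 8, 'body' => "It's <b>fine</b>")),
    ),
);

$safe = escape_view_vars($raw);

// What the view would print: markup arrives as inert text.
echo $safe['title'], "\n";
foreach ($safe['comments'] as $row) {
    echo $row['Comment']['id'], ': ', $row['Comment']['body'], "\n";
}

// The raw value is unchanged, so it can still be saved or re-rendered
// for a non-HTML context (JSON, e-mail, CSV) without stale entities.
var_dump($raw['comments'][0]['Comment']['body'] === '<script>alert(1)</script>');
```

Escaping the whole array up front means a view that escapes the same value again will double-encode it (`&amp;lt;`), so pick one place to escape. This encoding is only correct for HTML body text and quoted attribute values; values written into JavaScript, URLs or CSS need their own context-specific encoding.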
