CodeIgniter xss_clean filter Example

In this article, we show how to implement the XSS filter in CodeIgniter. XSS stands for cross-site scripting. CodeIgniter comes with XSS filtering security: a set of filters that disable JavaScript or other types of code that try to hijack cookies or perform other malicious activities. The built-in XSS filter is initialized automatically.
Before starting to implement the xss_clean filter in CodeIgniter, look at the file structure:
  • codeigniter-xss-clean
    • application
      • config
        • routes.php
      • controllers
        • Contactus.php
      • views
        • contactForm
          • index.php
        • templates
          • header.php
          • footer.php
    • system
    • index.php
    • assets
      • images
      • css
        • style.css
Syntax:
Load the “security” class in the controller.
Execute the “xss_clean” function using the security class.
Create a controller file, such as Contactus.php, inside the “application/controllers” folder.
Create a view file, such as index.php, inside the “application/views/contactForm” folder.

Note: For example, if you enter values in the form fields using a tag, you will get an alert message, which is encountered by the POST method.
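
One way the Contactus.php controller from the steps above could look. This is an added example, not the article's original code; it assumes CodeIgniter 3.x and hypothetical form fields `name` and `message`. It runs each posted value through `xss_clean` and logs when the filter had to change something.

```php
<?php
// application/controllers/Contactus.php
// Added example: assumes CodeIgniter 3.x; field names are hypothetical.
defined('BASEPATH') OR exit('No direct script access allowed');

class Contactus extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        // The Security class is initialized automatically ($this->security).
        // The helper only adds the xss_clean() shorthand function.
        $this->load->helper('security');
    }

    public function index()
    {
        $data = array('submitted' => FALSE, 'name' => '', 'message' => '');

        if ($this->input->method() === 'post') {
            foreach (array('name', 'message') as $field) {
                // Second argument FALSE: fetch the value exactly as posted.
                $raw = (string) $this->input->post($field, FALSE);

                // Run the value through the built-in XSS filter.
                $clean = $this->security->xss_clean($raw);

                // A difference means the filter rewrote the input,
                // which is worth recording for later review.
                if ($clean !== $raw) {
                    log_message('error', 'Contactus: xss_clean modified field "'
                        . $field . '" from ' . $this->input->ip_address());
                }
                $data[$field] = $clean;
            }
            $data['submitted'] = TRUE;
        }

        $this->load->view('templates/header');
        $this->load->view('contactForm/index', $data);
        $this->load->view('templates/footer');
    }
}

// In application/views/contactForm/index.php, escape again at output time:
//   echo html_escape($message);
```

Filtering input with `xss_clean` does not replace escaping when the value is printed, so the view should still pass every variable through `html_escape()`.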