1

I encountered a weird issue with CodeIgniter xml-rpc. If some data in the request contains system (xxx) it is automatically converted to system &140;xxx&140;

It only happens when you have word system followed by opening and closing brackets.

For example if I send Bachelor in Information system (BIS) it is received as Bachelor in Information system &140;BIS&141;

Just wondering if anyone else has ever had this issue or know anything about this.

Thanks

Improve this question

1 Answer 1

Reset to default
2

That is caused by the CodeIgniter XSS filtering which is activated by default. It happens because system() is a command in PHP to execute shell code.

Simple workaround (not recommended): Deactivate it in config.php

$config['global_xss_filtering'] = FALSE;

Better workaround: Deactivate it on a per-case base in your XML-RPC controller, so in the server part set 

$this->config->set_item('global_xss_filtering',FALSE);
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Yes you are right. Its because of the xss filtering. But it is not governed by global_xss_filtering parameter in config file. Even if you make it FALSE, issue still comes. Rather there is a separate xss_clean property in Xmlrpc.php which govern this setting. Thanks for your help.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.