This class is initialized automatically.
For general XSS protection handling, please refer to the Cross Site Scripting section of the security guidelines.
||Either a string or an array to sanitize|
||Either a string or an array of sanitized strings. If
xss_clean() is the built in ExpressionEngine XSS sanitization method, which is constantly tweaked for improved security and performance:
$str = ee()->security->xss_clean($str);
For general CSRF protection handling, please refer to the Cross Site Request Forgery section of the security guidelines.
Deprecated since version 2.8: CSRF Tokens are now multi-use.
||Filename to sanitize|
Removes naughty characters from filenames. Returns a sanitized string:
$filename = ee()->security->sanitize_filename($name);
Returns a random hash: