CodeIgniter The Security & The Magic of Hook

Abdul Malik Ikhsan

Security Class

Security Class ~ CSRF Protection (1)

Activate It

Security Class ~ CSRF Protection (2)

Security Class ~ CSRF Protection (3)

Security Class ~ CSRF Protection (4)

First Request

Second Request

Security Class ~ XSS Filtering (1)

Activate It

Security Class ~ XSS Filtering (2)

Testing…

Security Class ~ XSS Filtering (3)

Dan Hasilnya…

Security Helper

xss_clean() sanitize_filename() do_hash() strip_image_tags() encode_php_tags()

The Hook ( 1 ) Fitur Hook memungkinkan kita

memanggil “script” pada saat sebelum sistem flow berjalan, sebelum action controller dipanggil, setelah action controller dipanggil, ataupun setelah sistem flow berjalan.

The Hook ( 2 ) Enable It

The Hook ~ The Example ( 1 )

The Hook ~ The Example ( 2 ) Tambahkan pada hooks config

The Hook ~ The Example ( 3 )

Terima Kasih

This presentation contained copyrighted material licensed under various creative commons licenses unless otherwise noted:

Photos http://images2.wikia.nocookie.net/__cb20070120193457/uncyclopedia/images/a/af/Class.jpg http://www.flagship-housing.co.uk/image/Help%20and%20support/help.jpg

References CodeIgniter User Guide http://samsonasik.wordpress.com