POST Data being sanitized even when global_xss_filter set to FALSE
Development and Programming
I’m building a Module where I have another service sending encrypted XML via a Module Action, however the POST data that I get from $_POST is always shorter than the actual data the service is sending. I am assuming this means there is some XSS filtering going on.
I have global_xss_filtering set to false in my config.php file… do I need to set it false anywhere else to make sure my data isn’t being scrubbed?
Thanks!
Just an update, it looks like the POST vars automatically get sent into _sanitize_globals() inside the input class, which are then modified in the _clean_input_data() method. Both of those methods do not check if sanitizing is enabled or not, and automatically scrub the data. Is there anyway to get around these?