Percent character replaced in Codeigniter

Question

In Codeigniter I\'m sending a string using POST method as \"%100\" and it becomes \"0\". I believe this is because they\'re being treated as encode

Answer 1

Instead of removing the rawurldecode function, you could create your own MY_Security class that you can then use to override the xss_clean function. Maybe use PHP's rawurlencode function before calling the parent parent xss_clean function. Something like this:

That will encode the value so that when it's decoded by the parent function, you'll have the original value you submitted.