Is there an easier way than

$arr = array();
foreach ($_POST as $x => $y) {
  // get_post() takes the field name (the array key), not the submitted value
  $arr[$x] = $this->input->get_post($x, TRUE);
}

to just have the entire $_POST array cleaned with CI's XSS filter? Looking at the input library, it seems as though get_post() only accepts an individual variable rather than being able to clean the entire array and then return the array back.

+6  A: 

Not sure if you want it globally, but if you do... from ze manual:

If you want the filter to run automatically every time it encounters POST or COOKIE data you can enable it by opening your application/config/config.php file and setting this:

$config['global_xss_filtering'] = TRUE;
netricate
Arrgh! I can't believe I forgot about that. Constantly switching between Symfony and CI is frying my brain. Thanks!
Thomas
+1  A: 

The chosen answer for this is correct in a sense, but the information provided is not a suitable answer to the real problem, which is XSS filtering in CI.

To further the comment by bobince, there is some good reading at:

http://ponderwell.net/2010/08/codeigniter-xss-protection-is-good-but-not-enough-by-itself/

Either htmlspecialchars / htmlentities / urlencode on all output or go home. CI's XSS filter uses a dated and broken blacklist technique that fails a lot of XSS attacks.

Encode and validate. Always.

stuckinphp
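
The encode-and-validate approach recommended in the answer above, as an added example that is not part of the original thread: each value is encoded for the context it is written into at output time, and validation is a separate whitelist check. The helper names (e_html, e_url, e_js, validate_username) are hypothetical, not CodeIgniter functions, and PHP 7.3 or later is assumed.

```php
<?php
// Added example: encode on output, per context, instead of relying on an input filter.
// All helper names below are hypothetical; none of them is part of CodeIgniter.

function e_html(string $s): string
{
    // HTML body text and quoted attribute values; ENT_QUOTES also encodes single quotes.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function e_url(string $s): string
{
    // One query-string component. Pass the result through e_html() when it
    // ends up inside an HTML attribute such as href.
    return urlencode($s);
}

function e_js(string $s): string
{
    // A string literal inside an inline <script>. The JSON_HEX_* flags escape
    // <, >, &, ' and " so the value cannot close the literal or the script block.
    return json_encode(
        $s,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

function validate_username(string $s): ?string
{
    // Validation is a whitelist of what the field may contain; it does not replace encoding.
    return preg_match('/\A[A-Za-z0-9_]{3,20}\z/', $s) === 1 ? $s : null;
}

// Constructed sample value standing in for an unfiltered $_POST field.
$comment = 'Tom & "Jerry" <b>it\'s</b>';

// The same value written into three different output contexts.
echo '<p>' . e_html($comment) . "</p>\n";
echo '<a href="/search?q=' . e_html(e_url($comment)) . "\">search</a>\n";
echo '<script>var c = ' . e_js($comment) . ";</script>\n";

// Whitelist validation of two candidate usernames (constructed).
foreach (['thomas_42', $comment] as $candidate) {
    echo validate_username($candidate) === null ? "rejected\n" : "accepted\n";
}
```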