Merge pull request #22685 from eileenmcnaughton/finacl

[civicrm-core.git] / api / v3 / Generic / Setvalue.php

diff --git a/api/v3/Generic/Setvalue.php b/api/v3/Generic/Setvalue.php
index b6ce00c9bc2b3341f70c4d7e7b9017e79ed2a478..8f6b10ed07ebd4e0aa47d33c4f64313c78827d6b 100644 (file)
--- a/api/v3/Generic/Setvalue.php
+++ b/api/v3/Generic/Setvalue.php
@@ -80,9 +80,6 @@ function civicrm_api3_generic_setValue($apiRequest) {
 
     case CRM_Utils_Type::T_STRING:
     case CRM_Utils_Type::T_TEXT:
-      if (!CRM_Utils_Rule::xssString($value)) {
-        return civicrm_api3_create_error(ts('Illegal characters in input (potential scripting attack)'), ['error_code' => 'XSS']);
-      }
       if (array_key_exists('maxlength', $def)) {
         $value = substr($value, 0, $def['maxlength']);
       }