Pre-filter all possible input datas in onBootstrap()

I wonder if it is secure enough to check (for security reason) and filter (override) all possible input datas (get, post, cookie, session) in onBootstrap before any process? Can I override theese input datas (in Request object) in this way?

My application is very limited for user input data, i already use a common security filter (striptags, length etc.) that has been properly for all mentioned input data type checking.

Is there any other input data type that i should check ( instead of get, post, cookie and session) ?

Is it good way anyway?

sorry for my english :slight_smile: