Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent setting text as HTML in Text #2043

Merged
merged 9 commits into from
Nov 27, 2024
Merged

Prevent setting text as HTML in Text #2043

merged 9 commits into from
Nov 27, 2024
+47 −23

Conversation

mvorisek
Copy link
Member

fix #2040

@mvorisek mvorisek force-pushed the text_dangerous_html branch 3 times, most recently from 32dddf5 to 7f97285 Compare September 7, 2023 11:24
@mvorisek mvorisek marked this pull request as ready for review November 27, 2024 15:56
DarkSide666
DarkSide666 approved these changes Nov 27, 2024
View reviewed changes
Copy link
Member

@DarkSide666 DarkSide666 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

src/Text.php Outdated
$this->content .= $this->getApp()->getTag('p', [], $text);
$this->content[] = (new HtmlValue())->dangerouslySetHtml('<p>');
$this->content[] = (new HtmlValue())->set($text);
$this->content[] = (new HtmlValue())->dangerouslySetHtml('</p>');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

here you could simply use $this->dangerouslyAddHtml('</p>');, but that's additional function call, so probably better not.

@mvorisek mvorisek merged commit 78b7fd5 into develop Nov 27, 2024
48 of 49 checks passed
@mvorisek mvorisek deleted the text_dangerous_html branch November 27, 2024 17:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DarkSide666 DarkSide666 DarkSide666 approved these changes

Assignees
No one assigned
Labels
BC-break
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

HTML text can be passed easily to Text
2 participants
@mvorisek @DarkSide666