Skip to content

Commit

Permalink
chore: bump to laminas-escaper v2.15 (#9333)
Browse files Browse the repository at this point in the history
  • Loading branch information
@paulbalandan
paulbalandan authored Dec 21, 2024
1 parent 3a90d72 commit cd8ba91
Showing 1 changed file with 14 additions and 17 deletions.
31 changes: 14 additions & 17 deletions system/ThirdParty/Escaper/Escaper.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@

/**
* Context specific methods for use in secure output escaping
*
* @final
*/
class Escaper
{
Expand All @@ -49,7 +51,7 @@ class Escaper
* Current encoding for escaping. If not UTF-8, we convert strings from this encoding
* pre-escaping and back to this encoding post-escaping.
*
* @var string
* @var non-empty-string
*/
protected $encoding = 'utf-8';

Expand Down Expand Up @@ -88,7 +90,7 @@ class Escaper
/**
* List of all encoding supported by this class
*
* @var array
* @var list<non-empty-string>
*/
protected $supportedEncodings = [
'iso-8859-1',
Expand Down Expand Up @@ -131,6 +133,7 @@ class Escaper
* Constructor: Single parameter allows setting of global encoding for use by
* the current object.
*
* @param non-empty-string|null $encoding
* @throws Exception\InvalidArgumentException
*/
public function __construct(?string $encoding = null)
Expand Down Expand Up @@ -159,25 +162,19 @@ public function __construct(?string $encoding = null)
// set matcher callbacks
$this->htmlAttrMatcher =
/** @param array<array-key, string> $matches */
function (array $matches): string {
return $this->htmlAttrMatcher($matches);
};
fn(array $matches): string => $this->htmlAttrMatcher($matches);
$this->jsMatcher =
/** @param array<array-key, string> $matches */
function (array $matches): string {
return $this->jsMatcher($matches);
};
fn(array $matches): string => $this->jsMatcher($matches);
$this->cssMatcher =
/** @param array<array-key, string> $matches */
function (array $matches): string {
return $this->cssMatcher($matches);
};
fn(array $matches): string => $this->cssMatcher($matches);
}

/**
* Return the encoding that all output/input is expected to be encoded in.
*
* @return string
* @return non-empty-string
*/
public function getEncoding()
{
Expand All @@ -188,7 +185,7 @@ public function getEncoding()
* Escape a string for the HTML Body context where there are very few characters
* of special meaning. Internally this will use htmlspecialchars().
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeHtml(string $string)
{
Expand All @@ -200,7 +197,7 @@ public function escapeHtml(string $string)
* to escape that are not covered by htmlspecialchars() to cover cases where an attribute
* might be unquoted or quoted illegally (e.g. backticks are valid quotes for IE).
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeHtmlAttr(string $string)
{
Expand All @@ -222,7 +219,7 @@ public function escapeHtmlAttr(string $string)
* Backslash escaping is not used as it still leaves the escaped character as-is and so
* is not useful in a HTML context.
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeJs(string $string)
{
Expand All @@ -240,7 +237,7 @@ public function escapeJs(string $string)
* an entire URI - only a subcomponent being inserted. The function is a simple proxy
* to rawurlencode() which now implements RFC 3986 since PHP 5.3 completely.
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeUrl(string $string)
{
Expand All @@ -251,7 +248,7 @@ public function escapeUrl(string $string)
* Escape a string for the CSS context. CSS escaping can be applied to any string being
* inserted into CSS and escapes everything except alphanumerics.
*
* @return string
* @return ($string is non-empty-string ? non-empty-string : string)
*/
public function escapeCss(string $string)
{
Expand Down

0 comments on commit cd8ba91

Please sign in to comment.