only escape trans parameters
taylorotwell committed Oct 2, 2018
1 parent f4551ca commit 98046cb
Showing 5 changed files with 24 additions and 8 deletions.
2 changes: 2 additions & 0 deletions src/Illuminate/Translation/Translator.php
Expand Up @@ -264,6 +264,8 @@ protected function makeReplacements($line, array $replace)
$replace = $this->sortReplacements($replace);

foreach ($replace as $key => $value) {
$value = e($value);

$line = str_replace(
[':'.$key, ':'.Str::upper($key), ':'.Str::ucfirst($key)],
[$value, Str::upper($value), Str::ucfirst($value)],
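Review bot: `$value = e($value);` at the top of the loop HTML-escapes replacements for every caller of `makeReplacements`, not only the Blade directives this commit un-escapes, so a caller that still passes the result through `{{ }}` or `e()` will presumably encode the value twice, and non-HTML consumers receive entities. The escaped string is also what `Str::upper($value)` and `Str::ucfirst($value)` then operate on, so a `:FOO` placeholder yields upper-cased entity names such as `&LT;`; escaping after the case transform avoids that: `[e($value), e(Str::upper($value)), e(Str::ucfirst($value))]`. If escaping stays at this layer, the method docblock should state the contract, e.g. `Replacement values are HTML-escaped; the returned line is HTML and must not be escaped again by the caller.` The body of `makeReplacements` starts and ends outside the hunk.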
Expand Up @@ -18,7 +18,7 @@ protected function compileLang($expression)
return "<?php \$__env->startTranslation{$expression}; ?>";
}

return "<?php echo e(app('translator')->getFromJson{$expression}); ?>";
return "<?php echo app('translator')->getFromJson{$expression}; ?>";
}

/**
Expand All @@ -28,7 +28,7 @@ protected function compileLang($expression)
*/
protected function compileEndlang()
{
return '<?php echo e($__env->renderTranslation()); ?>';
return '<?php echo $__env->renderTranslation(); ?>';
}

/**
Expand All @@ -39,6 +39,6 @@ protected function compileEndlang()
*/
protected function compileChoice($expression)
{
return "<?php echo e(app('translator')->choice{$expression}); ?>";
return "<?php echo app('translator')->choice{$expression}; ?>";
}
}
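Review bot: With `e()` dropped from `compileLang`, `compileEndlang` and `compileChoice`, whatever the translator returns is echoed as raw HTML, so the translation line itself becomes trusted markup and only the replacement values are escaped. That holds only while language lines are developer-controlled; lines loaded from a database, an editable JSON file or outside translators would reach the page unescaped, and so would the key itself if the translator returns it when no line is found (not visible here, worth confirming). Each docblock should say so, e.g. `Echo the translation unescaped: the line is treated as trusted HTML, only replacement values are escaped.` A test that renders an unknown key containing markup would pin the fallback behaviour. The enclosing class starts outside these hunks.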
14 changes: 14 additions & 0 deletions tests/Translation/TranslationTranslatorTest.php
Expand Up @@ -49,6 +49,20 @@ public function testGetMethodProperlyLoadsAndRetrievesItem()
$this->assertEquals('foo', $t->get('foo::bar.foo'));
}

public function testTransMethodProperlyLoadsAndRetrievesItemWithHTMLReplacements()
{
$t = new \Illuminate\Translation\Translator($this->getLoader(), 'en');
$t->getLoader()->shouldReceive('load')->once()->with('en', 'foo', '*')->andReturn(['bar' => 'breeze :foo']);
$this->assertSame('breeze &lt;p&gt;test&lt;/p&gt;', $t->trans('foo.bar', ['foo' => '<p>test</p>'], 'en'));
}

public function testTransMethodProperlyLoadsAndRetrievesItemWithHTMLInTheMessage()
{
$t = new \Illuminate\Translation\Translator($this->getLoader(), 'en');
$t->getLoader()->shouldReceive('load')->once()->with('en', 'foo', '*')->andReturn(['bar' => 'breeze <p>test</p>']);
$this->assertSame('breeze <p>test</p>', $t->trans('foo.bar', [], 'en'));
}

public function testGetMethodProperlyLoadsAndRetrievesItemWithCapitalization()
{
$t = $this->getMockBuilder('Illuminate\Translation\Translator')->setMethods(null)->setConstructorArgs([$this->getLoader(), 'en'])->getMock();
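Review bot: Both new tests use the lower-case `:foo` placeholder with a raw value, so the `:FOO` / `:Foo` variants and a replacement that already contains entities are left unpinned. Since the translator escapes before the case transform, a line such as `'breeze :FOO'` would, as far as the visible code shows, come back with upper-cased entity names, and `['foo' => 'a &amp; b']` would presumably be encoded a second time. One assertion for each case, e.g. `$this->assertSame('breeze a &amp;amp; b', $t->trans('foo.bar', ['foo' => 'a &amp; b'], 'en'));` with the expected string set to whichever behaviour is intended, would make the double-encoding question an explicit decision. The hunk ends inside the next test method.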
4 changes: 2 additions & 2 deletions tests/View/Blade/BladeExpressionTest.php
Expand Up @@ -6,13 +6,13 @@ class BladeExpressionTest extends AbstractBladeTestCase
{
public function testExpressionsOnTheSameLine()
{
$this->assertEquals('<?php echo e(app(\'translator\')->getFromJson(foo(bar(baz(qux(breeze())))))); ?> space () <?php echo e(app(\'translator\')->getFromJson(foo(bar))); ?>', $this->compiler->compileString('@lang(foo(bar(baz(qux(breeze()))))) space () @lang(foo(bar))'));
$this->assertEquals('<?php echo app(\'translator\')->getFromJson(foo(bar(baz(qux(breeze()))))); ?> space () <?php echo app(\'translator\')->getFromJson(foo(bar)); ?>', $this->compiler->compileString('@lang(foo(bar(baz(qux(breeze()))))) space () @lang(foo(bar))'));
}

public function testExpressionWithinHTML()
{
$this->assertEquals('<html <?php echo e($foo); ?>>', $this->compiler->compileString('<html {{ $foo }}>'));
$this->assertEquals('<html<?php echo e($foo); ?>>', $this->compiler->compileString('<html{{ $foo }}>'));
$this->assertEquals('<html <?php echo e($foo); ?> <?php echo e(app(\'translator\')->getFromJson(\'foo\')); ?>>', $this->compiler->compileString('<html {{ $foo }} @lang(\'foo\')>'));
$this->assertEquals('<html <?php echo e($foo); ?> <?php echo app(\'translator\')->getFromJson(\'foo\'); ?>>', $this->compiler->compileString('<html {{ $foo }} @lang(\'foo\')>'));
}
}
6 changes: 3 additions & 3 deletions tests/View/Blade/BladeLangTest.php
Expand Up @@ -7,13 +7,13 @@ class BladeLangTest extends AbstractBladeTestCase
public function testStatementThatContainsNonConsecutiveParenthesisAreCompiled()
{
$string = "Foo @lang(function_call('foo(blah)')) bar";
$expected = "Foo <?php echo e(app('translator')->getFromJson(function_call('foo(blah)'))); ?> bar";
$expected = "Foo <?php echo app('translator')->getFromJson(function_call('foo(blah)')); ?> bar";
$this->assertEquals($expected, $this->compiler->compileString($string));
}

public function testLanguageAndChoicesAreCompiled()
{
$this->assertEquals('<?php echo e(app(\'translator\')->getFromJson(\'foo\')); ?>', $this->compiler->compileString("@lang('foo')"));
$this->assertEquals('<?php echo e(app(\'translator\')->choice(\'foo\', 1)); ?>', $this->compiler->compileString("@choice('foo', 1)"));
$this->assertEquals('<?php echo app(\'translator\')->getFromJson(\'foo\'); ?>', $this->compiler->compileString("@lang('foo')"));
$this->assertEquals('<?php echo app(\'translator\')->choice(\'foo\', 1); ?>', $this->compiler->compileString("@choice('foo', 1)"));
}
}
