-
Notifications
You must be signed in to change notification settings - Fork 11.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[10.x] Gracefully handle invalid code points in e()
#46914
Merged
Merged
+7
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bert-w
added a commit
to bert-w/framework
that referenced
this pull request
May 5, 2023
commit 025c912 Author: Taylor Otwell <[email protected]> Date: Fri May 5 14:47:22 2023 -0500 respect parents on middleware priority (laravel#46972) commit 07a5e09 Author: Saya <[email protected]> Date: Sat May 6 01:36:04 2023 +0800 [10.x] Add url support for mail config (laravel#46964) * Add url support for mail config * ci fix * formatting --------- Co-authored-by: Taylor Otwell <[email protected]> commit 1e6b467 Author: Tim MacDonald <[email protected]> Date: Sat May 6 03:00:49 2023 +1000 wip (laravel#46963) commit 1c783fe Author: Günther Debrauwer <[email protected]> Date: Thu May 4 17:27:41 2023 +0200 [10.x] Add 'hashed' cast (laravel#46947) * Add 'hashed' cast * Fix linting issues commit 51251d4 Author: taylorotwell <[email protected]> Date: Thu May 4 14:54:58 2023 +0000 Update facade docblocks commit 82a8da7 Author: Anjorin Damilare <[email protected]> Date: Thu May 4 15:54:23 2023 +0100 [10.x] add expression to DB table doctype (laravel#46955) commit 65f6426 Author: Wouter de Jong <[email protected]> Date: Thu May 4 14:41:20 2023 +0200 Fix typo in PHPdoc tag (laravel#46960) commit c164078 Author: Tim MacDonald <[email protected]> Date: Thu May 4 05:17:54 2023 +1000 [10.x] Siesta (laravel#46904) * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update src/Illuminate/Support/Siesta.php Co-authored-by: Nuno Maduro <[email protected]> * Update src/Illuminate/Support/Siesta.php Co-authored-by: Nuno Maduro <[email protected]> * Update src/Illuminate/Support/Siesta.php Co-authored-by: Nuno Maduro <[email protected]> * wip * wip * wip * wip * wip * wip * wip * wip * formatting and rename to sleep --------- Co-authored-by: Nuno Maduro <[email protected]> Co-authored-by: Taylor Otwell <[email protected]> commit 6e8b883 Author: Volodya Kurshudyan <[email protected]> Date: Wed May 3 22:19:29 2023 +0400 Add sortRecursiveDesc() method (laravel#46945) Co-authored-by: Volodya Khurshudyan <[email protected]> commit d800f9e Author: Abu Sayed Jobayer <[email protected]> Date: Wed May 3 19:51:21 2023 +0600 Update doc block to make array notation more consist. (laravel#46942) commit ba46acb Author: Bert <[email protected]> Date: Tue May 2 23:24:37 2023 +0200 [10.x] Expose `Js::json()` helper (laravel#46935) * change to static * Update Js.php --------- Co-authored-by: Taylor Otwell <[email protected]> commit 2aff286 Author: StyleCI Bot <[email protected]> Date: Mon May 1 16:09:32 2023 +0000 Apply fixes from StyleCI commit f8dd01a Author: Italo <[email protected]> Date: Mon May 1 12:09:09 2023 -0400 [10.x] Adds ability to restore/set Global Scopes (laravel#46922) * [10.x] Adds ability to restore/set Global Scopes * Update HasGlobalScopes.php --------- Co-authored-by: Taylor Otwell <[email protected]> commit a2f35fa Author: Günther Debrauwer <[email protected]> Date: Mon May 1 18:07:12 2023 +0200 [10.x] Use method on UploadedFile to validate image dimensions (laravel#46912) * imageSize method on uploadedfile * formatting * fix variable --------- Co-authored-by: Taylor Otwell <[email protected]> commit 8de1aa2 Author: Kieran <[email protected]> Date: Mon May 1 17:05:23 2023 +0100 [10.x] Mark commands as isolatable (laravel#46925) * Ability to set default for --isolated option * set default exit code * Update Command.php --------- Co-authored-by: Taylor Otwell <[email protected]> commit 812ef55 Author: Christian Rishøj <[email protected]> Date: Mon May 1 17:52:24 2023 +0200 follow default PHP behavior and replace invalid codepoints (laravel#46914) commit 96f0d0e Author: Choraimy Kroonstuiver <[email protected]> Date: Mon May 1 17:41:14 2023 +0200 Add missing typehint to cache repository contract (laravel#46929) commit 89ac58a Author: Taylor Otwell <[email protected]> Date: Thu Apr 27 10:29:15 2023 -0500 fix replace missing_unless commit 5f30445 Merge: 9cd734c f43355f Author: Tetiana Blindaruk <[email protected]> Date: Tue Apr 25 20:33:53 2023 +0300 Merge remote-tracking branch 'origin/10.x' into 10.x # Conflicts: # CHANGELOG.md commit 9cd734c Author: Tetiana Blindaruk <[email protected]> Date: Tue Apr 25 20:33:29 2023 +0300 [10.x] Update CHANGELOG.md commit f43355f Author: TBlindaruk <[email protected]> Date: Tue Apr 25 16:47:37 2023 +0000 Update CHANGELOG commit 3507812 Merge: e2a65b3 675ea86 Author: Taylor Otwell <[email protected]> Date: Tue Apr 25 08:47:18 2023 -0500 fix conflicts commit 675ea86 Author: Taylor Otwell <[email protected]> Date: Tue Apr 25 08:44:05 2023 -0500 version commit e2a65b3 Author: Bogdan Lotarev <[email protected]> Date: Tue Apr 25 15:40:49 2023 +0200 [10.x] Use foreignUlid if model uses HasUlids trait when call foreignIdFor (laravel#46876) * fix: use foreignUlid if model uses HasUlids * test: add assert for MySql * Update Blueprint.php --------- Co-authored-by: Taylor Otwell <[email protected]> commit b5bef6b Author: StyleCI Bot <[email protected]> Date: Mon Apr 24 19:32:27 2023 +0000 Apply fixes from StyleCI commit 846d1a0 Author: Anjorin Damilare <[email protected]> Date: Mon Apr 24 20:32:06 2023 +0100 [10.x]: improve job release method to accept date instance (laravel#46854) * [10.x]: improve job release method to accept date instance * Update InteractsWithQueue.php --------- Co-authored-by: Taylor Otwell <[email protected]> commit 7136338 Author: Tim MacDonald <[email protected]> Date: Tue Apr 25 05:16:49 2023 +1000 [10.x] Named static methods for middleware (laravel#46362) * wip * Standardise of `using` for Authorization middleware * Update ValidateSignature.php * Update ThrottleRequests.php * Update ThrottleRequests.php * Update RequirePassword.php --------- Co-authored-by: Taylor Otwell <[email protected]> commit 2922575 Author: Nuno Maduro <[email protected]> Date: Mon Apr 24 19:49:40 2023 +0100 [10.x] Uses `@template-covariant` in collections (laravel#46872) * docs: update collection docs to use template-covariant for the values This allows developers to use classes with inheritance on collections. See types/Support/Collection.php for an example * Revert `@template-covariant` on Arrayable * Apply fixes from StyleCI --------- Co-authored-by: rvanvelzen <[email protected]> Co-authored-by: StyleCI Bot <[email protected]> commit 1793066 Author: Finn <[email protected]> Date: Mon Apr 24 17:59:54 2023 +0200 Fix implode docblock to accept callable as parameter (laravel#46869) Co-authored-by: Finn Paes <[email protected]> commit 89a5468 Author: Luke Kuzmish <[email protected]> Date: Mon Apr 24 09:43:14 2023 -0400 [10.x] Throw LogicException when calling `FileFactory@image()` if mimetype is not supported (laravel#46859) * throw exception if FileFactory does not support mimetype * style * formatting * rely on $functionName --------- Co-authored-by: Taylor Otwell <[email protected]> commit 9cfd7e1 Author: Niclas <[email protected]> Date: Mon Apr 24 15:25:43 2023 +0200 Pass through IGNITION_LOCAL_SITES_PATH environment variable when serving (laravel#46857) Enables correct link generation for opening files from the error page when running inside docker. commit d199af3 Author: s4muel <[email protected]> Date: Fri Apr 21 17:14:58 2023 +0200 [10.x] update return type in docblock for Process pipe method (laravel#46848) * update return type in docblock for Process pipe method * update the Process.php docblock as well * Update Factory.php --------- Co-authored-by: Taylor Otwell <[email protected]> commit 0c9b3e9 Author: Dries Vints <[email protected]> Date: Fri Apr 21 15:14:53 2023 +0200 Make rules method in FormRequest optional (laravel#46846) commit 3d28bdc Author: James Hulse <[email protected]> Date: Thu Apr 20 18:37:59 2023 +0100 [10.x] Allow pruning all cancelled and unfinished queue batches (laravel#46833) * Allow pruning all cancelled and unfinished batches * Apply fixes from StyleCI commit 2b463dd Author: Miran AL Mehrab <[email protected]> Date: Thu Apr 20 22:29:37 2023 +0600 Add new HTTP status assertions (laravel#46841) * Adds gone status check * Adds service unavailable status check * Adds internal server error status check commit a3cfd2d Author: Tsuguya Toma <[email protected]> Date: Wed Apr 19 22:54:02 2023 +0900 fix date_format rule throw ValueError (laravel#46824) commit ed75852 Author: Rudie Dirkx <[email protected]> Date: Tue Apr 18 21:06:23 2023 +0200 Use pivot model fromDateTime instead of assuming Carbon (laravel#46822) commit 6f575fc Merge: 3259360 95ffddc Author: Tetiana Blindaruk <[email protected]> Date: Tue Apr 18 21:54:43 2023 +0300 Merge remote-tracking branch 'origin/10.x' into 10.x commit 3259360 Author: Tetiana Blindaruk <[email protected]> Date: Tue Apr 18 21:54:23 2023 +0300 [10.x] Update CHANGELOG.md commit 95ffddc Author: masoud derakhshi <[email protected]> Date: Tue Apr 18 22:00:04 2023 +0330 [10.x] whereMorphedTo null (laravel#46821) * Update QueriesRelationships.php * Update DatabaseEloquentBuilderTest.php * Update DatabaseEloquentBuilderTest.php * Update DatabaseEloquentBuilderTest.php commit 7aab67d Author: Gaitholabi <[email protected]> Date: Tue Apr 18 21:18:06 2023 +0300 [10.x] Allow separate directory for locks on filestore (laravel#46811) * allow separate directory for locks on filestore * fix style * fix method signature * Update src/Illuminate/Cache/FileStore.php Co-authored-by: Dries Vints <[email protected]> * apply styleci * formatting --------- Co-authored-by: Dries Vints <[email protected]> Co-authored-by: Taylor Otwell <[email protected]> commit e838b1d Author: TBlindaruk <[email protected]> Date: Tue Apr 18 17:52:33 2023 +0000 Update CHANGELOG commit 9747b8c Author: Tetiana Blindaruk <[email protected]> Date: Tue Apr 18 20:48:03 2023 +0300 [9.x] Update CHANGELOG.md commit 5d8416e Merge: 317d7cc 16454f1 Author: Dries Vints <[email protected]> Date: Tue Apr 18 17:01:19 2023 +0200 Merge branch '9.x' into 10.x # Conflicts: # src/Illuminate/Foundation/Application.php commit 317d7cc Author: Taylor Otwell <[email protected]> Date: Tue Apr 18 08:45:33 2023 -0500 version commit 16454f1 Author: Taylor Otwell <[email protected]> Date: Tue Apr 18 08:44:55 2023 -0500 version commit 8ef7a8d Merge: a56d748 2a6713f Author: Taylor Otwell <[email protected]> Date: Tue Apr 18 08:44:34 2023 -0500 Merge branch '9.x' into 10.x commit 2a6713f Author: Luke Kuzmish <[email protected]> Date: Tue Apr 18 09:42:14 2023 -0400 [9.x] Release lock for job implementing `ShouldBeUnique` that is dispatched `afterResponse()` (laravel#46806) * failing test * rely on PendingDispatch@afterResponse so that ShouldBeUnique is checked * modifications to failing test * move lock/middleware handling to CallQueuedHandler@handle() * use CallQueuedHandler@handle if job employs InteractsWithQueue * style * revert changes to CallQueuedHandler & PendingDispatch * switch Bus\Dispatcher@dispatchAfterResponse to rely on Dispatcher@dispatchSync() * add `dispatchAfterResponse` test commit a56d748 Author: Mohd Hafizuddin M Marzuki <[email protected]> Date: Tue Apr 18 01:41:32 2023 +0800 Fix `validateDecimal()` (laravel#46809) commit 88c28e2 Author: Anjorin Damilare <[email protected]> Date: Mon Apr 17 17:13:04 2023 +0100 [10.x]: add max exceptions to broadcast event (laravel#46800) commit 17ad285 Author: kazunari.ueeda <[email protected]> Date: Tue Apr 18 01:01:53 2023 +0900 Fix return value to int or null. (laravel#46802) commit 997218b Author: Luke Kuzmish <[email protected]> Date: Sun Apr 16 09:35:36 2023 -0400 fixes test timestamp properties (laravel#46795) commit 3e5a6b3 Author: teamradhq <[email protected]> Date: Sun Apr 16 07:55:40 2023 +1000 Fix deprecated class in request.stub (laravel#46787) * Replace deprecated Illuminate\Contracts\Validation\Rule with ValidationRule.` commit 0720d08 Author: Taylor Otwell <[email protected]> Date: Sat Apr 15 16:53:23 2023 -0500 [10.x] Minor skeleton slimming (framework edition) (laravel#46786) * allow web and api named args on routes method * add app skeleton broadcast provider in core * add default provider collection * remove base broadcast service provider * Apply fixes from StyleCI * revert route provider change --------- Co-authored-by: StyleCI Bot <[email protected]> commit d95f865 Author: Sobhan <[email protected]> Date: Fri Apr 14 17:31:33 2023 +0330 Add headers (laravel#46780) * add headers * Update Application.php --------- Co-authored-by: Taylor Otwell <[email protected]>
milwad-dev
pushed a commit
to milwad-dev/framework
that referenced
this pull request
May 12, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When provided a string containing invalid code points (e.g. wrong encoding or unaligned truncation), the
e()
helper will silently swallow the whole argument and return an empty string.I propose adding
ENT_SUBSTITUTE
to the flags forhtmlspecialchars()
, aligninge()
with the default behavior ofhtmlspecialchars()
since PHP 8.1:Developers and end-users alike will likely be less surprised by the occasional
�
, than the escaped string vanishing entirely.