From 1650b79a991d140a5efbd1f134c9a020d4cbf378 Mon Sep 17 00:00:00 2001
From: Kijin Sung <kijin@kijinsung.com>
Date: Thu, 5 May 2016 19:55:41 +0900
Subject: [PATCH] Fix variable escaping for LESS

---
 classes/frontendfile/FrontEndFileHandler.class.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/classes/frontendfile/FrontEndFileHandler.class.php b/classes/frontendfile/FrontEndFileHandler.class.php
index fa9d44b9a..e2c69ac95 100644
--- a/classes/frontendfile/FrontEndFileHandler.class.php
+++ b/classes/frontendfile/FrontEndFileHandler.class.php
@@ -271,6 +271,12 @@ class FrontEndFileHandler extends Handler
 		{
 			$file->vars = array_merge($file->vars, $default_font_config);
 		}
+		if ($file->fileExtension === 'less')
+		{
+			$file->vars = array_map(function($str) {
+				return preg_match('/^[0-9a-zA-Z\.%_-]+$/', $str) ? $str : ('~"' . str_replace('"', '\\"', $str) . '"');
+			}, $file->vars);
+		}
 		
 		$compiledFileName = $file->fileName . ($minify ? '.min' : '') . '.css';
 		$compiledFileHash = sha1($file->fileRealPath . ':' . serialize($file->vars));