mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-05 09:41:40 +09:00
Allow true/false/yes/no values for autoescape
템플릿의 <config autoescape="on" /> 문법이 on, off만 지원하기 때문에 흔히 사용하는 true, false, yes, no, Y, N 등의 불리언 값을 입력하면 안전하지 않은 off로 인식하게 됨. 이 경우에도 적절히 처리하도록 변경.
This commit is contained in:
Kijin Sung
parent
a398c7548d
commit
2a026a6c86
2 changed files with 23 additions and 22 deletions
|
|
@ -328,43 +328,43 @@ class TemplateHandlerTest extends \Codeception\TestCase\Test
|
|||
// Rhymix autoescape
|
||||
array(
|
||||
'<config autoescape="on" />{$foo}',
|
||||
PHP_EOL . '$this->config->autoescape = \'on\';' . "\n" . 'echo ($this->config->autoescape === \'on\' ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) ?>'
|
||||
PHP_EOL . '$this->config->autoescape = true;' . "\n" . 'echo ($this->config->autoescape ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="off" />{$foo}',
|
||||
PHP_EOL . '$this->config->autoescape = \'off\';' . "\n" . 'echo ($this->config->autoescape === \'on\' ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) ?>'
|
||||
PHP_EOL . '$this->config->autoescape = false;' . "\n" . 'echo ($this->config->autoescape ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="on" />{$foo|auto}',
|
||||
PHP_EOL . '$this->config->autoescape = \'on\';' . "\n" . 'echo ($this->config->autoescape === \'on\' ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) ?>'
|
||||
'<config autoescape="yes" />{$foo|auto}',
|
||||
PHP_EOL . '$this->config->autoescape = true;' . "\n" . 'echo ($this->config->autoescape ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="off" />{$foo|auto}',
|
||||
PHP_EOL . '$this->config->autoescape = \'off\';' . "\n" . 'echo ($this->config->autoescape === \'on\' ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) ?>'
|
||||
'<config autoescape="no" />{$foo->$bar|auto}',
|
||||
PHP_EOL . '$this->config->autoescape = false;' . "\n" . 'echo ($this->config->autoescape ? htmlspecialchars($__Context->foo->{$__Context->bar}, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo->{$__Context->bar})) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="on" />{$foo|autoescape}',
|
||||
PHP_EOL . '$this->config->autoescape = \'on\';' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) ?>'
|
||||
'<config autoescape="true" />{$foo|autoescape}',
|
||||
PHP_EOL . '$this->config->autoescape = true;' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="off" />{$foo|autoescape}',
|
||||
PHP_EOL . '$this->config->autoescape = \'off\';' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) ?>'
|
||||
'<config autoescape="false" />{$foo|autoescape}',
|
||||
PHP_EOL . '$this->config->autoescape = false;' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="on" />{$foo|escape}',
|
||||
PHP_EOL . '$this->config->autoescape = \'on\';' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', true) ?>'
|
||||
'<config autoescape="1" />{$foo|escape}',
|
||||
PHP_EOL . '$this->config->autoescape = true;' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', true) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="off" />{$foo|escape}',
|
||||
PHP_EOL . '$this->config->autoescape = \'off\';' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', true) ?>'
|
||||
'<config autoescape="0" />{$foo|escape}',
|
||||
PHP_EOL . '$this->config->autoescape = false;' . "\n" . 'echo htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', true) ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="on" />{$foo|noescape}',
|
||||
PHP_EOL . '$this->config->autoescape = \'on\';' . "\n" . 'echo $__Context->foo ?>'
|
||||
'<config autoescape="Y" />{$foo|noescape}',
|
||||
PHP_EOL . '$this->config->autoescape = true;' . "\n" . 'echo $__Context->foo ?>'
|
||||
),
|
||||
array(
|
||||
'<config autoescape="off" />{$foo|noescape}',
|
||||
PHP_EOL . '$this->config->autoescape = \'off\';' . "\n" . 'echo $__Context->foo ?>'
|
||||
'<config autoescape="N" />{$foo|noescape}',
|
||||
PHP_EOL . '$this->config->autoescape = false;' . "\n" . 'echo $__Context->foo ?>'
|
||||
),
|
||||
// Rhymix filters
|
||||
array(
|
||||
|
|
@ -449,7 +449,7 @@ class TemplateHandlerTest extends \Codeception\TestCase\Test
|
|||
),
|
||||
array(
|
||||
'<config autoescape="on" /><p>{$foo|link:$url}</p>',
|
||||
PHP_EOL . '$this->config->autoescape = \'on\'; ?><p><?php echo \'<a href="\' . ($this->config->autoescape === \'on\' ? htmlspecialchars($__Context->url, ENT_QUOTES, \'UTF-8\', false) : ($__Context->url)) . \'">\' . ($this->config->autoescape === \'on\' ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) . \'</a>\' ?></p>'
|
||||
PHP_EOL . '$this->config->autoescape = true; ?><p><?php echo \'<a href="\' . ($this->config->autoescape ? htmlspecialchars($__Context->url, ENT_QUOTES, \'UTF-8\', false) : ($__Context->url)) . \'">\' . ($this->config->autoescape ? htmlspecialchars($__Context->foo, ENT_QUOTES, \'UTF-8\', false) : ($__Context->foo)) . \'</a>\' ?></p>'
|
||||
),
|
||||
// Rhymix filters (reject malformed filters)
|
||||
array(
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue