removed the OutputEscaper component, added escape mechanism in the Te…

…mplating Engine class
symfony · Nov 23, 2010 · ad68092 · avalanche123 · Apr 13, 2011 · ad68092
1 parent 5b056b2
commit ad68092
Show file tree

Hide file tree

Showing 19 changed files with 134 additions and 1,398 deletions.
diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -157,10 +157,6 @@ protected function registerTemplatingConfiguration($config, ContainerBuilder $co
             }
         }
 
-        if (array_key_exists('escaping', $config)) {
-            $container->setParameter('templating.output_escaper', $config['escaping']);
-        }
-
         if (array_key_exists('assets_version', $config)) {
             $container->setParameter('templating.assets.version', $config['assets_version']);
         }

diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd b/src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
@@ -63,7 +63,6 @@
             <xsd:element name="loader" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
         </xsd:sequence>
 
-        <xsd:attribute name="escaping" type="xsd:string" />
         <xsd:attribute name="assets_version" type="xsd:string" />
         <xsd:attribute name="path" type="xsd:string" />
         <xsd:attribute name="cache" type="xsd:string" />

diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/config/templating.xml b/src/Symfony/Bundle/FrameworkBundle/Resources/config/templating.xml
@@ -21,7 +21,6 @@
         <parameter key="templating.helper.translator.class">Symfony\Bundle\FrameworkBundle\Templating\Helper\TranslatorHelper</parameter>
         <parameter key="templating.helper.security.class">Symfony\Bundle\FrameworkBundle\Templating\Helper\SecurityHelper</parameter>
         <parameter key="templating.helper.form.class">Symfony\Bundle\FrameworkBundle\Templating\Helper\FormHelper</parameter>
-        <parameter key="templating.output_escaper">false</parameter>
         <parameter key="templating.assets.version">null</parameter>
         <parameter key="templating.assets.base_urls" type="collection"></parameter>
         <parameter key="debug.file_link_format">null</parameter>
@@ -31,8 +30,6 @@
         <service id="templating.engine" class="%templating.engine.class%">
             <argument type="service" id="service_container" />
             <argument type="service" id="templating.loader" />
-            <argument type="collection"></argument>
-            <argument>%templating.output_escaper%</argument>
             <call method="setCharset"><argument>%kernel.charset%</argument></call>
         </service>
 

diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Engine.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Engine.php
@@ -4,7 +4,6 @@
 
 use Symfony\Component\Templating\Engine as BaseEngine;
 use Symfony\Component\Templating\Loader\LoaderInterface;
-use Symfony\Component\OutputEscaper\Escaper;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 use Symfony\Component\HttpFoundation\Response;
 
@@ -18,28 +17,24 @@
  */
 
 /**
- * This engine knows how to render Symfony templates and automatically
- * escapes template parameters.
+ * This engine knows how to render Symfony templates.
  *
  * @author Fabien Potencier <fabien.potencier@symfony-project.com>
  */
 class Engine extends BaseEngine
 {
     protected $container;
-    protected $escaper;
 
     /**
      * Constructor.
      *
      * @param ContainerInterface $container A ContainerInterface instance
      * @param LoaderInterface    $loader    A loader instance
      * @param array              $renderers An array of renderer instances
-     * @param mixed              $escaper   The escaper to use (or false to disable escaping)
      */
-    public function __construct(ContainerInterface $container, LoaderInterface $loader, array $renderers = array(), $escaper = false)
+    public function __construct(ContainerInterface $container, LoaderInterface $loader, array $renderers = array())
     {
         $this->container = $container;
-        $this->escaper = $escaper;
 
         parent::__construct($loader, $renderers);
 
@@ -68,10 +63,6 @@ public function render($name, array $parameters = array())
             $this->renderers[$renderer]->setEngine($this);
         }
 
-        if ('php' === $renderer) {
-            $parameters = $this->escapeParameters($parameters);
-        }
-
         return parent::render($name, $parameters);
     }
 
@@ -117,22 +108,6 @@ public function get($name)
         return $this->helpers[$name];
     }
 
-    protected function escapeParameters(array $parameters)
-    {
-        if (false !== $this->escaper) {
-            Escaper::setCharset($this->getCharset());
-
-            $parameters['_data'] = Escaper::escape($this->escaper, $parameters);
-            foreach ($parameters['_data'] as $key => $value) {
-                $parameters[$key] = $value;
-            }
-        } else {
-            $parameters['_data'] = Escaper::escape('raw', $parameters);
-        }
-
-        return $parameters;
-    }
-
     // parses template names following the following pattern:
     // bundle:section:template(.format).renderer
     public function splitTemplateName($name, array $defaults = array())

diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/ActionsHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/ActionsHelper.php
@@ -3,7 +3,6 @@
 namespace Symfony\Bundle\FrameworkBundle\Templating\Helper;
 
 use Symfony\Component\Templating\Helper\Helper;
-use Symfony\Component\OutputEscaper\Escaper;
 use Symfony\Bundle\FrameworkBundle\Controller\ControllerResolver;
 
 /*
@@ -58,11 +57,11 @@ public function output($controller, array $attributes = array(), array $options
      */
     public function render($controller, array $attributes = array(), array $options = array())
     {
-        $options['attributes'] = Escaper::unescape($attributes);
+        $options['attributes'] = $attributes;
 
         if (isset($options['query']))
         {
-            $options['query'] = Escaper::unescape($options['query']);
+            $options['query'] = $options['query'];
         }
 
         return $this->resolver->render($controller, $options);

diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
@@ -145,10 +145,6 @@ public function hidden(/*FieldGroupInterface */$group, array $parameters = array
 
     protected function lookupTemplate(/*FieldInterface */$field)
     {
-        if ($field instanceof \Symfony\Component\OutputEscaper\ObjectDecorator) {
-            $field = $field->getRawValue();
-        }
-
         $fqClassName = get_class($field);
         $template = null;
 

diff --git a/src/Symfony/Bundle/FrameworkBundle/Tests/Templating/EngineTest.php b/src/Symfony/Bundle/FrameworkBundle/Tests/Templating/EngineTest.php
@@ -16,7 +16,6 @@
 use Symfony\Component\Templating\Storage\StringStorage;
 use Symfony\Component\Templating\Storage\Storage;
 use Symfony\Component\Templating\Renderer\PhpRenderer;
-use Symfony\Component\OutputEscaper\Escaper;
 
 // simulate the rendering of another controller
 function foo($engine)
@@ -26,37 +25,6 @@ function foo($engine)
 
 class EngineTest extends TestCase
 {
-    public function testRenderEscaping()
-    {
-        $templates = array(
-            'tpl1'  => '<?php echo $foo ?>',
-            'tpl2'  => '<?php echo $foo.$view->render("FooBundle:Foo:tpl1.php", array("foo" => $foo)) ?>',
-            'tpl3'  => '<?php echo $foo.$view->render("FooBundle:Foo:tpl1.php", array("foo" => "foo <br />")) ?>',
-            'tpl4'  => '<?php echo $foo.Symfony\Bundle\FrameworkBundle\Tests\Templating\foo($view) ?>',
-        );
-
-        $loader = $this->getMock('Symfony\Component\Templating\Loader\LoaderInterface');
-        $loader->expects($this->exactly(4))
-            ->method('load')
-            ->with($this->anything(), $this->anything())
-            ->will($this->onConsecutiveCalls(
-                new StringStorage($templates['tpl1']),
-                new StringStorage($templates['tpl2']),
-                new StringStorage($templates['tpl3']),
-                new StringStorage($templates['tpl4'])
-            ))
-        ;
-
-        $engine = new Engine($this->getContainerMock(), $loader, array('php' => new PhpRenderer()), 'htmlspecialchars');
-
-        $this->assertEquals('foo &lt;br /&gt;', $engine->render('FooBundle:Foo:tpl1.php', array('foo' => 'foo <br />')));
-        $this->assertEquals('foo &lt;br /&gt;', $engine->render('FooBundle:Foo:tpl1.php', array('foo' => 'foo <br />')));
-
-        $this->assertEquals('foo &lt;br /&gt;foo &lt;br /&gt;', $engine->render('FooBundle:Foo:tpl2.php', array('foo' => 'foo <br />')));
-        $this->assertEquals('foo &lt;br /&gt;foo &lt;br /&gt;', $engine->render('FooBundle:Foo:tpl3.php', array('foo' => 'foo <br />')));
-        $this->assertEquals('foo &lt;br /&gt;foo &lt;br /&gt;', $engine->render('FooBundle:Foo:tpl4.php', array('foo' => 'foo <br />')));
-    }
-
     /**
      * @dataProvider getSplitTemplateNameTests
      */

diff --git a/src/Symfony/Component/OutputEscaper/ArrayDecorator.php b/src/Symfony/Component/OutputEscaper/ArrayDecorator.php