Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(output): fewer view $vars will be output by accident #8414

Merged
merged 1 commit into from
Jun 4, 2015
Merged

fix(output): fewer view $vars will be output by accident #8414

merged 1 commit into from
Jun 4, 2015

Conversation

mrclay
Copy link
Member

@mrclay mrclay commented Jun 4, 2015

A general problem is views passing along arbitrary $vars values to views like output/url, which treat unrecognized $vars as HTML attributes. This at least strips keys with underscores, which are definitely not meant to be HTML attributes.

Fixes #8218

@mrclay
fix(output): fewer view $vars will be output by accident
4560d38 
A general problem is views passing along arbitrary $vars values to views
like output/url, which treat unrecognized $vars as HTML attributes. This
at least strips keys with underscores, which are definitely not meant
to be HTML attributes.

Fixes Elgg#8218
@mrclay mrclay mentioned this pull request Jun 4, 2015
Closed
1 task
mrclay
mrclay reviewed Jun 4, 2015
View reviewed changes
engine/tests/phpunit/Elgg/lib/output/FormatAttributesTest.php
@@ -0,0 +1,39 @@
<?php
namespace Elgg\lib\output;
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seemed like a decent namespace for lib tests.

@juho-jaakkola
Copy link
Member

LGTM

mrclay added a commit that referenced this pull request Jun 4, 2015
@mrclay
Merge pull request #8414 from mrclay/attr_under_8218_20
5befbff 
fix(output): fewer view $vars will be output by accident
@mrclay mrclay merged commit 5befbff into Elgg:master Jun 4, 2015
@mrclay mrclay deleted the attr_under_8218_20 branch June 4, 2015 19:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mrclay @juho-jaakkola