New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix display bugs in profiling #26731
Conversation
Thanks @lmeyer1 @PrestaShop/prestashop-maintainers I know it's not a regression, but can we move it to 1.7.8.x as this is for developers and it is quite safe? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with you @kpodemski , a third opinion would be nice
thank @lmeyer1 for your contribution 👍
If this does not bring a risk of regression, we can make an exception |
This fixes a feature added in 1.7.8.0 (see #20673) so I guess it could be qualified as a regression? |
@@ -35,7 +35,7 @@ | |||
{sql_queries data=$nb} | |||
</td> | |||
<td class="pre"> | |||
<pre>{$q}</pre> | |||
<pre>{$q nofilter}</pre> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
WDYT @PierreRambaud ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@eternoendless @PierreRambaud
$q
always contains HTML, for highlighting the values replaces by XX
. If you feel that nofilter
could be dangerous, then we need another way to highlight the blue text.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, PR updated. The nofilter is not really needed here, the code added is useless and I can add an XSS because of this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
XSS inside the query coming from the software in the profiler displayed when the developer explicitly tells the application to do it? 🤔
450c850
450c850
to
b823fe5
Compare
tools/profiling/Hook.php
Outdated
@@ -63,6 +63,10 @@ public static function coreRenderWidget($module, $registeredHookName, $params) | |||
|
|||
$result = parent::coreRenderWidget($module, $registeredHookName, $params); | |||
|
|||
if ($registeredHookName === null) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Avoid error inside the contact form page
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps this would be best explained in a comment
@@ -63,7 +63,11 @@ | |||
</td> | |||
<td data-value="{$data['location']}"> | |||
<a href="javascript:void(0);" onclick="$('#callstack_{$callstack_md5}').toggle();">{$data['location']}</a> | |||
<div id="callstack_{$callstack_md5}" style="display:none">{implode('<br>', $data['stack'])}</div> | |||
<div id="callstack_{$callstack_md5}" style="display:none"> | |||
{foreach $data['stack'] as $stack} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to implode with nofilter when you can use foreach :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You get a trailing <br>
like this
b823fe5
to
337ba9f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
QA approved, well done! Message to the maintainers: do not forget to milestone it before the merge. |
Thanks @lmeyer1! |
This change is