-
-
Notifications
You must be signed in to change notification settings - Fork 159
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request from GHSA-hr3h-x6gq-rqcp
* Add allowedAttributes setting for the HTML filter Conflicts: core-bundle/src/Resources/contao/dca/tl_settings.php core-bundle/src/Resources/contao/library/Contao/Input.php core-bundle/src/Resources/contao/library/Contao/InsertTags.php Conflicts: core-bundle/src/Resources/contao/dca/tl_settings.php core-bundle/src/Resources/contao/library/Contao/InsertTags.php * Encode insert tags before replacing them Conflicts: core-bundle/src/Resources/contao/library/Contao/InsertTags.php core-bundle/src/Resources/contao/library/Contao/StringUtil.php Conflicts: core-bundle/src/Resources/contao/library/Contao/InsertTags.php core-bundle/tests/Contao/InsertTagsTest.php * URL encode insert tags in URL attributes * Improve default set of allowed attributes * Add attr flag to prevent nested insert tags * Fix tests * Fix null byte stripping * Fix insert tag hacks * Add more attributes to the default set * Add support for * attributes * Encode double and single quotes Conflicts: core-bundle/src/Resources/contao/elements/ContentMarkdown.php * Encode rgxp url fields Conflicts: core-bundle/src/Resources/contao/library/Contao/Widget.php * Encode non-HTML insert tags Conflicts: core-bundle/src/Resources/contao/library/Contao/InsertTags.php Conflicts: core-bundle/src/Resources/contao/library/Contao/InsertTags.php * Strip unclosed insert tags Conflicts: core-bundle/src/Resources/contao/library/Contao/InsertTags.php Conflicts: core-bundle/tests/Contao/InsertTagsTest.php * Fix test * Encode special characters outside of tags * Add comment * Allow FTP URLs * Deprecate not passing allowed attributes to stripTags() Conflicts: core-bundle/src/Resources/contao/library/Contao/Input.php * Don’t allow accesskey by default * Allow data URLs * Improve naming and comments * Encode insert tags in comments * Rename insert tag flag url to urlattr Conflicts: core-bundle/src/Resources/contao/library/Contao/InsertTags.php * CS Conflicts: core-bundle/src/Resources/contao/library/Contao/Input.php * Fix a unit test description Co-authored-by: Martin Auswöger <martin@auswoeger.com> * Fix double encoding issue with the hash symbol * Check for missing attribute via func_num_args() * Coding style for Contao 4.9 and PHP 7.2 Conflicts: core-bundle/tests/Contao/InsertTagsTest.php * Improve attributes wizard size Conflicts: core-bundle/src/Resources/contao/themes/flexible/main.min.css * Fix intert tag listeners Conflicts: calendar-bundle/src/EventListener/InsertTagsListener.php faq-bundle/src/EventListener/InsertTagsListener.php news-bundle/src/EventListener/InsertTagsListener.php * Escape pictures and images * Fix rebase error * Coding style for Contao 4.11 * Improve figure escaping * Fix another bogus comment variant Conflicts: core-bundle/tests/Contao/InsertTagsTest.php * Encode literal insert tags * Fix ? bogus comment variant Conflicts: core-bundle/tests/Contao/InsertTagsTest.php Co-authored-by: Leo Feyer <github@contao.org>
- Loading branch information
Showing
19 changed files
with
1,080 additions
and
80 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.