Permalink
Browse files

Invalid escaping in renderBaseAttrs()

Summary:
Second parameter of htmlspecialchars() is flags (int), not bool.
Value true is understood as 1 which means: quote single quotes, not double quotes

Test Plan:
New test
  • Loading branch information...
1 parent 0ff0c6d commit 0a99f67862624a4bbd368498296ea465a4e01edd Jakub Vrana committed Feb 15, 2012
Showing with 10 additions and 1 deletion.
  1. +1 −1 php-lib/html.php
  2. +9 −0 tests/attr-quotes.phpt
View
2 php-lib/html.php
@@ -65,7 +65,7 @@ public function requireUniqueId() {
$buf = '<'.$this->tagName;
foreach ($this->getAttributes() as $key => $val) {
if ($val !== null && $val !== false) {
- $buf .= ' ' . htmlspecialchars($key) . '="' . htmlspecialchars($val, true) . '"';
+ $buf .= ' ' . htmlspecialchars($key) . '="' . htmlspecialchars($val) . '"';
}
}
return $buf;
View
9 tests/attr-quotes.phpt
@@ -0,0 +1,9 @@
+--TEST--
+Quotes in attribute
+--FILE--
+<?php
+class xhp_a {}
+$quote = '"';
+echo <a b={$quote}>c</a>;
+--EXPECT--
+<a b="&quot;">c</a>

0 comments on commit 0a99f67

Please sign in to comment.