Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Escape quotes in sandbox placeholders #901

Closed
wants to merge 968 commits into from
Closed

Escape quotes in sandbox placeholders #901

wants to merge 968 commits into from

Conversation

kix
Copy link

@kix kix commented Aug 22, 2016

Previously, having a placeholder with "'s passed lead to HTML attributes getting broken. The first " would just close the attribute, and the placeholder would get broken:

screenshot 2016-08-23 03 20 55

After this fix all placeholders should only have "s instead of ''s, and the placeholder HTML attr is correctly escaped.

stof and others added 30 commits September 10, 2014 14:29
@stof
Remove EOLed Symfony versions from Travis
8861fb9 
Currently, the testsuite relies on SensioFrameworkExtraBundle 3.x which requires Symfony 2.3+. Given that 2.1 and 2.2 are EOLed, removing them from Travis is simpler than updating the testsuite to support them.
@willdurand
Merge pull request nelmio#514 from stof/patch-2
3f3580f 
Remove EOLed Symfony versions from Travis
@avevlad
Update index.md
59ea615
@willdurand
Merge pull request nelmio#518 from AveVlad/patch-1
6bcd5e8 
Add highlight index.md
@jeskew
Update parser to convert empty array defaults to null
37ae52b 
Don't let empty arrays get passed through as defaults.
@lucasvanlierop
Fixed checking HTTP method type
eaaa54b
@lucasvanlierop
Fixed disabling required for HTTP PUT requests
f625d96
@willdurand
Merge pull request nelmio#523 from jeskew/master
3889e7f 
Update parser to convert empty array defaults to null
@lucasvanlierop
Fixed tests by adding separate form type
b4a6825
@mjanser
Fix parsing of filters, default values, descriptions and base path in…
b8cc4d9 
… SwaggerFormatter
@willdurand
Merge pull request nelmio#519 from mjanser/fix-swagger-formatter
ff5c201 
Fix parsing of filters, default values and base path in SwaggerFormatter
@willdurand
Merge pull request nelmio#490 from ricardclau/store_api_key
5950acd 
Add support for LocalStorage
@willdurand
Merge pull request nelmio#524 from lucasvanlierop/fix-no-required-par…
c69ab20 
…ameters-for-put-requests

Fix no required parameters for PUT requests
@willdurand
Merge pull request nelmio#498 from jonmchan/honorBodyFormat
6d50c20 
Honor body format before uploading file type parameters
@bezhermoso
Form errors parser. Mirrored actual form-errors response by FOSRest. …
859421d 
…Made sure that FieldErrors is not duplicated.
@willdurand
Merge pull request nelmio#512 from bezhermoso/form_errors
888705c 
FOSRest integration: Form errors format
@Seldaek
Remove outdated note
cb6df68
@Seldaek
Update install instructions
4beb08e
@devster
Display select to choose http method in sandbox
e7d3c80
@willdurand
Merge pull request nelmio#536 from devster/master
847b1fe 
Display select to choose http method in sandbox
Showing 'Documentation' tab makes no sense if the sandbox is disabled.
fa4b8f3
@thenetexperts
better readability
c6b57a2
proofread the index
95b99a1
@willdurand
Merge pull request nelmio#554 from greg0ire/documentation
8ff30b7 
proofread the index
@damienalexandre
Fix the PhpDoc Handler for @link annotation and add tests
a939fef
@willdurand
Merge pull request nelmio#555 from damienalexandre/fixLinkParser
a84c53b 
Fix the PhpDoc Handler for `@link` annotation and add tests
@wodka
fix sandbox with host
10d9172 
suggested change in nelmio#353 is not working
@lmammino
Fixed type annotations
e0ff981 
(avoid triggering warning on IDEs like PhpStorm
@willdurand
Merge pull request nelmio#562 from lmammino/patch-1
d641bbf 
Fixed type annotations
@jcrombez
[doc] missing "sandbox:" in the authentication yaml examples
6990a11
Martin Le Guillou and others added 28 commits May 16, 2016 15:59
enable ApiDocExtractor overriding
aada315
@willdurand
Merge pull request nelmio#851 from blitzr/master
a7ad7ff 
Allow custom ApiDoc annotation
@miholeus
added headers support
e141ffd
@miholeus
added headers documentation example
d5c1c57
@miholeus
added tests for headers support
5123b49
@willdurand
Merge pull request nelmio#853 from miholeus/master
7288cca 
Headers support
Add navigation index for resources
df04b5c
@piotrplenik
fix format wrapping
12c0671
@willdurand
Merge pull request nelmio#860 from jupeter/format-wrapping
970a78c 
Fix wrapping of format table row
@Uplink03
Added links form index.rst to the other doc files
8eee7fe
@willdurand
Merge pull request nelmio#861 from Uplink03/master
d0eaafa 
Links from index.rst to the other doc files
@javiereguiluz
Fixed the links to some doc articles
4a37d63
@willdurand
Merge pull request nelmio#865 from javiereguiluz/fix_doc_links
6d16486 
Fixed the links to some doc articles
Usage of OUTPUT_RAW to avoid javascript syntax error when dumping HTM…
05d3a51 
…L API doc. Fixes issue nelmio#864.
@willdurand
Merge pull request nelmio#866 from Gregoire-M/master
a009e97 
Usage of OUTPUT_RAW to avoid javascript syntax error when dumping HTML
@dpcat237
nelmio#502 Hide Requirement when not set
725e4d9
@dpcat237
nelmio#502 Test for the improvement
1256275
@willdurand
Merge pull request nelmio#868 from dpcat237/502_hide-requirement-when…
e6ea851 
…-empty

nelmio#502 hide requirement when empty
@willdurand
Merge pull request nelmio#857 from zanardigit/master
9444172 
Add navigation index for resources
@willdurand
Merge pull request nelmio#811 from InputOutput/allow-input-and-filters
7aeea08 
Allow filter descriptions to be used in conjunction with POST/PUT inp…
@willdurand
Do not fail on Symfony 4.0 deprecation messages
4b16f4e
@willdurand
Remove a test since nelmio#811 changes the behavior
79716d4
@willdurand
Prepare 2.13.0 release
a3a9bb3
@rmzamora
Fix error:
f5e38a2 
Key "statusCodes" for array with keys "method, uri, description, documentation, filters, requirements, parsedResponseMap, https, authentication, authenticationRoles, deprecated, id" does not exist in NelmioApiDocBundle::method.html.twig at line 182.

Sample:

 /**
     * Retrieves the list of categories (paginated) based on criteria.
     *
     * @apidoc(
     *  resource=true,
     *  output={"class"="Sonata\DatagridBundle\Pager\PagerInterface", "groups"={"sonata_api_read"}}
     * )
     *
     *
     * @QueryParam(name="page", requirements="\d+", default="1", description="Page for category list pagination")
     * @QueryParam(name="count", requirements="\d+", default="10", description="Number of categories by page")
     * @QueryParam(name="enabled", requirements="0|1", nullable=true, strict=true, description="Enabled/Disabled categories filter")
     * @QueryParam(name="context", requirements="\S+", nullable=true, strict=true, description="Context of categories")
     *
     * @view(serializerGroups="sonata_api_read", serializerEnableMaxDepthChecks=true)
     *
     * @param ParamFetcherInterface $paramFetcher
     *
     * @return PagerInterface
     */
@willdurand
Merge pull request nelmio#874 from rmzamora/master
463dea9 
Fix error: Key "statusCodes" for array with keys...
@Invis1ble
Fixed placeholder translations nelmio#889
97c6b1e
@willdurand
Merge pull request nelmio#890 from Invis1ble/fix-889
e6e4246 
Fixed placeholder translations nelmio#889
@kix
Escape quotes in sandbox placeholders
4d43103 
Previously, having a placeholder with `"`'s passed lead to HTML attributes getting broken. The first `"` would just close the attribute, and the placeholder would get broken. Now, all placeholders should only have `"`s instead of `'`'s, and the `placeholder` HTML attr is correctly escaped.
@GuilhemN GuilhemN closed this May 31, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet