Update label view helper to have html escape by default #5101

Merged
merged 2 commits into from Oct 22, 2013

Projects

None yet

2 participants

Contributor

This PR replicates the FormRow view helper logic, which escapes the Element label property by default and takes advantage of the new disable_html_escape labelOptions property added in #4677 to toggle the escape off when needed.

This may look like a minor BC break, because anyone who used FormLabel helper rather than FormRow will now have unexpected escaping, but since the overall policy of ZF2 is 'secure by default' I would rather consider this a minor security fix.

@stefanotorresi stefanotorresi added a commit to stefanotorresi/zf2-documentation that referenced this pull request Sep 11, 2013
@stefanotorresi stefanotorresi Update Form view helpers page
* Add FormRow docs
* Some corrections here and there
* Add docs for zendframework/zendframework#4677 and zendframework/zendframework#5101
fb1ddd4
@weierophinney weierophinney added a commit that referenced this pull request Oct 22, 2013
@weierophinney weierophinney [#5101] Update README
- Since this is technically a BC break, we need to call it out in the release
  notes.
3302208
@weierophinney weierophinney added a commit that referenced this pull request Oct 22, 2013
@weierophinney weierophinney Merge branch 'feature/5101' into develop
Close #5101
e029955
@weierophinney weierophinney merged commit a61856d into zendframework:develop Oct 22, 2013

1 check failed

default The Travis CI build failed
Details
@stefanotorresi stefanotorresi deleted the stefanotorresi:update/label-view-helper branch Oct 25, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment