archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Kill most of phutil_escape_html()

Browse Source 
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
This commit is contained in:
vrana
2013-02-09 14:43:10 -08:00
parent 9b8da73765
commit a22ef4e9b4
24 changed files with 127 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/applications/auth/controller/PhabricatorLoginController.php
View File

@@ -247,8 +247,7 @@ final class PhabricatorLoginController
$title = pht("Login or Register with %s", $provider_name);
$body = pht('Login or register for Phabricator using your %s account.',
$provider_name);
$button = pht("Login or Register with %s",
phutil_escape_html($provider_name));
$button = pht("Login or Register with %s", $provider_name);
} else {
$title = pht("Login with %s", $provider_name);
$body = hsprintf(
@@ -259,7 +258,7 @@ final class PhabricatorLoginController
pht(
'You can not use %s to register a new account.',
$provider_name));
$button = pht("Log in with %s", phutil_escape_html($provider_name));
$button = pht("Log in with %s", $provider_name);
}
$auth_form = new AphrontFormView();