archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Kill most of phutil_escape_html()

Browse Source 
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
This commit is contained in:
vrana
2013-02-09 14:43:10 -08:00
parent 9b8da73765
commit a22ef4e9b4
24 changed files with 127 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/applications/phpast/controller/PhabricatorXHPASTViewInputController.php
View File

@@ -5,7 +5,6 @@ final class PhabricatorXHPASTViewInputController
public function processRequest() {
$input = $this->getStorageTree()->getInput();
return $this->buildXHPASTViewPanelResponse(
phutil_escape_html($input));
return $this->buildXHPASTViewPanelResponse($input);
}
}