mirror of
https://github.com/silverstripe/silverstripe-cms
synced 2024-10-22 06:05:56 +00:00
FIX Escape the sitetree_link shortcode return value
This commit is contained in:
parent
7ecf56490a
commit
be25c302ac
@ -401,10 +401,12 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
|
|||||||
return; // There were no suitable matches at all.
|
return; // There were no suitable matches at all.
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$link = Convert::raw2att($page->Link());
|
||||||
|
|
||||||
if($content) {
|
if($content) {
|
||||||
return sprintf('<a href="%s">%s</a>', $page->Link(), $parser->parse($content));
|
return sprintf('<a href="%s">%s</a>', $link, $parser->parse($content));
|
||||||
} else {
|
} else {
|
||||||
return $page->Link();
|
return $link;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -554,6 +554,7 @@ class SiteTreeTest extends SapphireTest {
|
|||||||
public function testLinkShortcodeHandler() {
|
public function testLinkShortcodeHandler() {
|
||||||
$aboutPage = $this->objFromFixture('Page', 'about');
|
$aboutPage = $this->objFromFixture('Page', 'about');
|
||||||
$errorPage = $this->objFromFixture('ErrorPage', '404');
|
$errorPage = $this->objFromFixture('ErrorPage', '404');
|
||||||
|
$redirectPage = $this->objFromFixture('RedirectorPage', 'external');
|
||||||
|
|
||||||
$parser = new ShortcodeParser();
|
$parser = new ShortcodeParser();
|
||||||
$parser->register('sitetree_link', array('SiteTree', 'link_shortcode_handler'));
|
$parser->register('sitetree_link', array('SiteTree', 'link_shortcode_handler'));
|
||||||
@ -581,6 +582,13 @@ class SiteTreeTest extends SapphireTest {
|
|||||||
$this->assertEquals($aboutShortcodeExpected, $parser->parse($aboutShortcode), 'Test link to 404 page if no suitable matches.');
|
$this->assertEquals($aboutShortcodeExpected, $parser->parse($aboutShortcode), 'Test link to 404 page if no suitable matches.');
|
||||||
$this->assertEquals($aboutEnclosedExpected, $parser->parse($aboutEnclosed));
|
$this->assertEquals($aboutEnclosedExpected, $parser->parse($aboutEnclosed));
|
||||||
|
|
||||||
|
$redirectShortcode = sprintf('[sitetree_link,id=%d]', $redirectPage->ID);
|
||||||
|
$redirectEnclosed = sprintf('[sitetree_link,id=%d]Example Content[/sitetree_link]', $redirectPage->ID);
|
||||||
|
$redirectExpected = 'http://www.google.com?a&b';
|
||||||
|
|
||||||
|
$this->assertEquals($redirectExpected, $parser->parse($redirectShortcode));
|
||||||
|
$this->assertEquals(sprintf('<a href="%s">Example Content</a>', $redirectExpected), $parser->parse($redirectEnclosed));
|
||||||
|
|
||||||
$this->assertEquals('', $parser->parse('[sitetree_link]'), 'Test that invalid ID attributes are not parsed.');
|
$this->assertEquals('', $parser->parse('[sitetree_link]'), 'Test that invalid ID attributes are not parsed.');
|
||||||
$this->assertEquals('', $parser->parse('[sitetree_link,id="text"]'));
|
$this->assertEquals('', $parser->parse('[sitetree_link,id="text"]'));
|
||||||
$this->assertEquals('', $parser->parse('[sitetree_link]Example Content[/sitetree_link]'));
|
$this->assertEquals('', $parser->parse('[sitetree_link]Example Content[/sitetree_link]'));
|
||||||
|
@ -80,3 +80,11 @@ ErrorPage:
|
|||||||
404:
|
404:
|
||||||
Title: Page not Found
|
Title: Page not Found
|
||||||
ErrorCode: 404
|
ErrorCode: 404
|
||||||
|
|
||||||
|
RedirectorPage:
|
||||||
|
external:
|
||||||
|
Title: External
|
||||||
|
URLSegment: external
|
||||||
|
RedirectionType: External
|
||||||
|
ExternalURL: "http://www.google.com?a&b"
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user