mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
FIX We still need XML escaping on href attributes in HTML4Value
This commit is contained in:
parent
fb17f43878
commit
8d26bdbd2e
@ -52,7 +52,7 @@ abstract class SS_HTMLValue extends ViewableData {
|
||||
|
||||
// Then replace the saved attributes with their original versions
|
||||
$res = preg_replace_callback('/__HTMLVALUE_(\d+)/', function($matches) use ($attrs) {
|
||||
return $attrs[$matches[0]];
|
||||
return Convert::raw2att($attrs[$matches[0]]);
|
||||
}, $res);
|
||||
|
||||
return $res;
|
||||
|
@ -58,4 +58,13 @@ class SS_HTML4ValueTest extends SapphireTest {
|
||||
);
|
||||
}
|
||||
|
||||
public function testAttributeEscaping() {
|
||||
$value = new SS_HTML4Value();
|
||||
|
||||
$value->setContent('<a href="[]"></a>');
|
||||
$this->assertEquals('<a href="[]"></a>', $value->getContent(), "'[' character isn't escaped");
|
||||
|
||||
$value->setContent('<a href="""></a>');
|
||||
$this->assertEquals('<a href="""></a>', $value->getContent(), "'\"' character is escaped");
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user