tonyair/silverstripe-iframe
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-iframe synced 2024-10-22 11:05:51 +02:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: tonyair:d33a9d52e3247df0c30d1a48425d670a65506db9
Branches Tags
tonyair:2
tonyair:4
tonyair:3
tonyair:3.2
tonyair:2.4
tonyair:3.1
tonyair:3.0
tonyair:2.3
tonyair:2.2
tonyair:2.1
tonyair:2.0
tonyair:master
tonyair:1.0
tonyair:3.2.1
tonyair:3.2.0
tonyair:3.2.0-rc1
tonyair:3.2.0-beta1
tonyair:3.1.1
tonyair:2.4.3
tonyair:3.1.0
tonyair:3.1.0-rc1
tonyair:3.1.0-beta1
tonyair:3.0.2
tonyair:2.4.2
tonyair:3.0.1
tonyair:2.4.1
tonyair:3.0.0
tonyair:2.4.0
tonyair:3.0.0-rc1
tonyair:2.4.0-rc1
tonyair:2.4.0-beta1
tonyair:3.0.0-beta1
tonyair:2.3.0
tonyair:2.3.0-rc1
tonyair:2.3.0-beta1
tonyair:2.2.0
tonyair:2.2.0-rc1
tonyair:2.2.0-beta1
tonyair:2.1.0
tonyair:2.0.4
tonyair:2.0.3
tonyair:2.0.2
tonyair:2.0.1
tonyair:2.0.0
tonyair:2.0.0-beta1
tonyair:1.0.16
tonyair:1.0.15
tonyair:1.0.14
tonyair:1.0.13
tonyair:1.0.12
tonyair:1.0.11
tonyair:1.0.10
tonyair:1.0.9
tonyair:1.0.-9
tonyair:1.0.8
tonyair:1.0.7
tonyair:1.0.6
tonyair:1.0.5
tonyair:1.0.4
tonyair:1.0.3
tonyair:1.0.2
tonyair:1.0.1
tonyair:1.0.1-rc1
...
compare: tonyair:e6a0f2dc34225f3f3f91cc00d7f0a82b41af61e6
Branches Tags
tonyair:4
tonyair:3
tonyair:3.2
tonyair:2
tonyair:2.4
tonyair:3.1
tonyair:3.0
tonyair:2.3
tonyair:2.2
tonyair:2.1
tonyair:2.0
tonyair:master
tonyair:1.0
tonyair:3.2.1
tonyair:3.2.0
tonyair:3.2.0-rc1
tonyair:3.2.0-beta1
tonyair:3.1.1
tonyair:2.4.3
tonyair:3.1.0
tonyair:3.1.0-rc1
tonyair:3.1.0-beta1
tonyair:3.0.2
tonyair:2.4.2
tonyair:3.0.1
tonyair:2.4.1
tonyair:3.0.0
tonyair:2.4.0
tonyair:3.0.0-rc1
tonyair:2.4.0-rc1
tonyair:2.4.0-beta1
tonyair:3.0.0-beta1
tonyair:2.3.0
tonyair:2.3.0-rc1
tonyair:2.3.0-beta1
tonyair:2.2.0
tonyair:2.2.0-rc1
tonyair:2.2.0-beta1
tonyair:2.1.0
tonyair:2.0.4
tonyair:2.0.3
tonyair:2.0.2
tonyair:2.0.1
tonyair:2.0.0
tonyair:2.0.0-beta1
tonyair:1.0.16
tonyair:1.0.15
tonyair:1.0.14
tonyair:1.0.13
tonyair:1.0.12
tonyair:1.0.11
tonyair:1.0.10
tonyair:1.0.9
tonyair:1.0.-9
tonyair:1.0.8
tonyair:1.0.7
tonyair:1.0.6
tonyair:1.0.5
tonyair:1.0.4
tonyair:1.0.3
tonyair:1.0.2
tonyair:1.0.1
tonyair:1.0.1-rc1

2 Commits
d33a9d52e3 ... e6a0f2dc34

Author SHA1 Message Date
Guy Sartorelli
e6a0f2dc34
ENH Use symfony/validation logic 2024-09-25 10:18:52 +12:00
Guy Sartorelli
8dfd9ce148
API Use new names for renamed classes (#98) 2024-09-23 14:40:19 +12:00
2 changed files with 14 additions and 13 deletions
Show Stats Expand all files Collapse all files

25
src/IFramePage.php
View File

@ -3,12 +3,13 @@
namespace SilverStripe\IFrame; namespace SilverStripe\IFrame;
use Page; use Page;
use SilverStripe\Core\Validation\ConstraintValidator;
use SilverStripe\Forms\DropdownField; use SilverStripe\Forms\DropdownField;
use SilverStripe\Forms\FieldList; use SilverStripe\Forms\FieldList;
use SilverStripe\Forms\TextField; use SilverStripe\Forms\TextField;
use SilverStripe\ORM\FieldType\DBField; use SilverStripe\ORM\FieldType\DBField;
use SilverStripe\ORM\ValidationException; use SilverStripe\Core\Validation\ValidationResult;
use SilverStripe\ORM\ValidationResult; use Symfony\Component\Validator\Constraints\Url;
/** /**
* Iframe page type embeds an iframe of URL of choice into the page. * Iframe page type embeds an iframe of URL of choice into the page.
@ -119,21 +120,21 @@ class IFramePage extends Page
/** /**
* Ensure that the IFrameURL is a valid url and prevents XSS * Ensure that the IFrameURL is a valid url and prevents XSS
* *
* @throws ValidationException
* @return ValidationResult * @return ValidationResult
*/ */
public function validate() public function validate()
{ {
$result = parent::validate(); $fullResult = parent::validate();
//whitelist allowed URL schemes $allowedSchemes = ['http', 'https'];
$allowed_schemes = array('http', 'https'); $message = _t(__CLASS__ . '.VALIDATION_URL', 'Please enter a valid URL');
if ($matches = parse_url($this->IFrameURL ?? '')) { $result = ConstraintValidator::validate(
if (isset($matches['scheme']) && !in_array($matches['scheme'], $allowed_schemes ?? [])) { $this->value,
$result->addError(_t(__CLASS__ . '.VALIDATION_BANNEDURLSCHEME', "This URL scheme is not allowed.")); new Url(message: $message, protocols: $allowedSchemes),
} $this->getName()
} );
$fullResult->combineAnd($result);
return $result; return $fullResult;
} }
} }

2
tests/IFramePageTest.php
View File

@ -4,7 +4,7 @@ namespace SilverStripe\IFrame\Tests;
use SilverStripe\Core\Config\Config; use SilverStripe\Core\Config\Config;
use SilverStripe\Control\Director; use SilverStripe\Control\Director;
use SilverStripe\ORM\ValidationException; use SilverStripe\Core\Validation\ValidationException;
use SilverStripe\Dev\SapphireTest; use SilverStripe\Dev\SapphireTest;
use SilverStripe\IFrame\IFramePage; use SilverStripe\IFrame\IFramePage;
use SilverStripe\IFrame\IFramePageController; use SilverStripe\IFrame\IFramePageController;