From 9cfe4f343dd02c847131d7cc8bf79f58e1434748 Mon Sep 17 00:00:00 2001 From: Andreas Piening Date: Wed, 4 Apr 2018 14:54:00 +1200 Subject: [PATCH] Sanitise class name in JSON formatter --- src/DataFormatter/JSONDataFormatter.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/DataFormatter/JSONDataFormatter.php b/src/DataFormatter/JSONDataFormatter.php index 132dd37..cac7bda 100644 --- a/src/DataFormatter/JSONDataFormatter.php +++ b/src/DataFormatter/JSONDataFormatter.php @@ -108,11 +108,11 @@ class JSONDataFormatter extends DataFormatter } $fieldName = $relName . 'ID'; - if ($obj->$fieldName) { - $href = Director::absoluteURL($this->config()->api_base . "$relClass/" . $obj->$fieldName); - } else { - $href = Director::absoluteURL($this->config()->api_base . "$className/$id/$relName"); - } + $rel = $this->config()->api_base; + $rel .= $obj->$fieldName + ? $this->sanitiseClassName($relClass) . '/' . $obj->$fieldName + : $this->sanitiseClassName($className) . "/$id/$relName"; + $href = Director::absoluteURL($rel); $serobj->$relName = ArrayData::array_to_object(array( "className" => $relClass, "href" => "$href.json", @@ -140,8 +140,8 @@ class JSONDataFormatter extends DataFormatter $innerParts = array(); $items = $obj->$relName(); foreach ($items as $item) { - //$href = Director::absoluteURL($this->config()->api_base . "$className/$id/$relName/$item->ID"); - $href = Director::absoluteURL($this->config()->api_base . "$relClass/$item->ID"); + $rel = $this->config()->api_base . $this->sanitiseClassName($relClass) . "/$item->ID"; + $href = Director::absoluteURL($rel); $innerParts[] = ArrayData::array_to_object(array( "className" => $relClass, "href" => "$href.json",