composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-23 18:48:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°3565 - Migrate backoffice pages to new UIBlock system : Setup (fix bad escaping)

Browse Source
This commit is contained in:
Eric
2021-02-08 14:20:03 +01:00
parent 82b7854d46
commit 91752b4068
4 changed files with 3 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
sources/application/TwigBase/Twig/Extension.php
View File

@@ -129,13 +129,6 @@ class Extension
return $sUrl;
}));
// Filter to sanitize a string (escape ')
// Usage in twig: {{ 'string'|escape_for_js_string }}
$oTwigEnv->addFilter(new Twig_SimpleFilter('escape_for_js_string', function ($sString) {
return str_replace(["'", '"', "\n"], ["\\'", "\\\"", " "], $sString);
})
);
// var_export can be used for example to transform a PHP boolean to 'true' or 'false' strings
// @see https://www.php.net/manual/fr/function.var-export.php
$oTwigEnv->addFilter(new Twig_SimpleFilter('var_export', 'var_export'));

2
templates/application/display-block/block-chart/layout.js.twig
View File

@@ -1,7 +1,7 @@
{# @copyright Copyright (C) 2010-2020 Combodo SARL #}
{# @license http://opensource.org/licenses/AGPL-3.0 #}
{% apply spaceless %}
$.post('{{ oUIBlock.sUrl|escape_for_js_string|raw }}', {}, function (data) {
$.post('{{ oUIBlock.sUrl|escape('js') }}', {}, function (data) {
$('body').append(data);
});
{% endapply %}

2
templates/base/layouts/tab-container/layout.js.twig
View File

@@ -5,7 +5,7 @@
$('#{{ oUIBlock.GetId() }}').tab_container();
{% else %}
{% for oTab in oUIBlock.GetSubBlocks() %}
oHiddeableChapters['tab_{{ oTab.GetId()|sanitize_identifier }}'] = '{{ oTab.GetTitle()|escape_for_js_string }}';
oHiddeableChapters['tab_{{ oTab.GetId()|sanitize_identifier }}'] = '{{ oTab.GetTitle()|escape('js') }}';
{% if oTab.GetType() == constant('TabManager::ENUM_TAB_TYPE_AJAX') %}
$.post('{{ oTab.GetUrl()|raw}}', {printable: '1'}, function(data){
$('#tab_{{ oTab.GetId()|sanitize_identifier }} > .printable-tab-content').append(data);

2
templates/pages/backoffice/ajaxpage/layout.html.twig
View File

@@ -80,7 +80,7 @@
{% if aDeferredBlocks is not empty %}
{# TODO 3.0.0 #}
{# <script type="text/javascript"> #}
{# $('body').append('{% for oBlock in aDeferredBlocks %}{{ render_block(oBlock, {aPage: aPage})|escape_for_js_string|raw }}{% endfor %}'); #}
{# $('body').append('{% for oBlock in aDeferredBlocks %}{{ render_block(oBlock, {aPage: aPage})|escape('js')|raw }}{% endfor %}'); #}
{# </script> #}
{% for oBlock in aDeferredBlocks %}
{{ render_block(oBlock, {aPage: aPage})|raw }}