composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

restore important security fix on twig filter

Browse Source 
see N°4867 "Twig content not allowed" error when use the extkey widget search icon in the user portal
This commit is contained in:
Benjamin Dalsass
2022-07-27 08:06:18 +02:00
committed by bdalsass
parent 76062ca8b2
commit dbd5c32535
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
sources/Application/TwigBase/Twig/Extension.php
View File

@@ -141,6 +141,16 @@ class Extension
// @see https://www.php.net/manual/fr/function.var-export.php
$aFilters[] = new TwigFilter('var_export', 'var_export');
//since 2.7.7 3.0.2 3.1.0 N°4867 "Twig content not allowed" error when use the extkey widget search icon in the user portal
//overwrite native twig filter : disable use of 'system' filter
$aFilters[] = new TwigFilter('filter', function ($array, $arrow) {
if ($arrow == 'system') {
return json_encode($array);
}
return twig_array_filter($array, $arrow);
});
return $aFilters;
}