Homec4science
Diffusion Phabricator e7702acdc659

Don't escape quotation marks when printing the monospaced CSS rule
e7702acdc659
Actions

Authored by epriestley <git@epriestley.com> on Apr 22 2015, 18:28.

Description

Don't escape quotation marks when printing the monospaced CSS rule

Summary:
Fixes T7888. This is currently safe, but double quotes are incorrectly escaped.

To keep them unescaped, we have to punch through PhutilSafeHTML a bit. Since the allowable characters are strictly filtered this is still safe in practice, just not as theoretically-safe.

Test Plan: Set font to 32px "impact" (with quotes), saw impact font.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7888

Differential Revision: https://secure.phabricator.com/D12506

Details

Committed
epriestley <git@epriestley.com>Apr 22 2015, 18:28
Pushed
aubortJan 31 2017, 17:16
Parents
rPH4dea152215cc: Fix a possible undefined variable
Branches
Unknown
Tags
Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPHe7702acdc659: Don't escape quotation marks when printing the monospaced CSS rule (authored by epriestley <git@epriestley.com>).Apr 22 2015, 18:28

Changes (3)

Path
Msrc/applications/settings/panel/PhabricatorDisplayPreferencesSettingsPanel.php
Msrc/applications/settings/storage/PhabricatorUserPreferences.php
Msrc/view/page/PhabricatorStandardPageView.php

rPHe7702acdc659

View Options

src/applications/settings/panel/PhabricatorDisplayPreferencesSettingsPanel.php

Loading...
View Options

src/applications/settings/storage/PhabricatorUserPreferences.php

Loading...
View Options

src/view/page/PhabricatorStandardPageView.php

Loading...
c4science ยท Help