Properly escape inline <script>
e8dd67b88c13
Actions

Authored by Jakub Vrana <jakub@vrana.cz> on Apr 21 2013, 02:55.

Description

Properly escape inline <script>

Test Plan:
Loaded Phabricator page, checked the source code. Also:

$c_uri = '//connect.facebook.net/en_US/all.js#xfbml=1&appId=';
echo CelerityStaticResourceResponse::renderInlineScript(
  jsprintf(
    'console.log(%s); // </script>
    %s',
    $c_uri,
    "</script><b>x</b>"));

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5741

Details

Committed

Jakub Vrana <jakub@vrana.cz>

Apr 21 2013, 02:55

Pushed

aubort

Jan 31 2017, 17:16

Parents

rPHb216dc9c2c43: Document where Arcanist configuration can be set

Branches

Unknown

Tags

Unknown

Event Timeline

Jakub Vrana <jakub@vrana.cz> committed rPHe8dd67b88c13: Properly escape inline <script> (authored by Jakub Vrana <jakub@vrana.cz>).Apr 21 2013, 02:55

Changes (3)

				Path
	M			src/applications/phame/view/PhamePostView.php
	M			src/infrastructure/celerity/CelerityStaticResourceResponse.php
	M			src/view/page/PhabricatorBarePageView.php

rPHe8dd67b88c13

View Options

src/applications/phame/view/PhamePostView.php

View Options

src/infrastructure/celerity/CelerityStaticResourceResponse.php

View Options

src/view/page/PhabricatorBarePageView.php

Properly escape inline <script>e8dd67b88c13Actions

Description

Details

Event Timeline

Changes (3)

rPHe8dd67b88c13

src/applications/phame/view/PhamePostView.php

src/infrastructure/celerity/CelerityStaticResourceResponse.php

src/view/page/PhabricatorBarePageView.php

Properly escape inline <script>
e8dd67b88c13
Actions