Homestyx hydra
Diffusion hydra a22ef4e9b472

Kill most of phutil_escape_html()
a22ef4e9b472
Actions

Description

Kill most of phutil_escape_html()

Summary:
This resolves lots of double escaping.
We changed most of phutil_render_tag(, , $s) to phutil_tag(, , $s) which means that $s is now auto-escaped.
Also pht() auto escapes if it gets PhutilSafeHTML.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889

Details

Provenance
vranaAuthored on Feb 9 2013, 5:43 PM
sirocylPushed on Oct 16 2024, 5:49 AM
Parents
R1:9b8da7376550: Convert AphrontTableView to safe HTML
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (24)

PathSize
src/
aphront/
console/
plugin/
applications/
auth/
controller/
calendar/
controller/
view/
conpherence/
storage/
differential/
field/
specification/
view/
diffusion/
view/
feed/
story/
flag/
events/
macro/
storage/
maniphest/
auxiliaryfield/
paste/
controller/
pholio/
storage/
phpast/
controller/
policy/
filter/
subscriptions/
events/
transactions/
storage/
view/
layout/

R1:a22ef4e9b472

View Options

src/aphront/console/plugin/DarkConsoleErrorLogPlugin.php

Loading...
View Options

src/applications/auth/controller/PhabricatorLoginController.php

Loading...
View Options

src/applications/calendar/controller/PhabricatorCalendarViewStatusController.php

Loading...
View Options

src/applications/calendar/view/AphrontCalendarMonthView.php

Loading...
View Options

src/applications/conpherence/storage/ConpherenceTransaction.php

Loading...
View Options

src/applications/differential/field/specification/DifferentialReviewersFieldSpecification.php

Loading...
View Options

src/applications/differential/view/DifferentialDiffTableOfContentsView.php

Loading...
View Options

src/applications/differential/view/DifferentialRevisionCommentView.php

Loading...
View Options

src/applications/diffusion/view/DiffusionCommentView.php

Loading...
View Options

src/applications/feed/story/PhabricatorFeedStoryCommit.php

Loading...
View Options

src/applications/flag/events/PhabricatorFlagsUIEventListener.php

Loading...
View Options

src/applications/macro/storage/PhabricatorMacroTransaction.php

Loading...
View Options

src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldDefaultSpecification.php

Loading...
View Options

src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldSpecification.php

Loading...
View Options

src/applications/paste/controller/PhabricatorPasteListController.php

Loading...
View Options

src/applications/pholio/storage/PholioTransaction.php

Loading...
View Options

src/applications/phpast/controller/PhabricatorXHPASTViewInputController.php

Loading...
View Options

src/applications/phpast/controller/PhabricatorXHPASTViewPanelController.php

Loading...
View Options

src/applications/phpast/controller/PhabricatorXHPASTViewStreamController.php

Loading...
View Options

src/applications/phpast/controller/PhabricatorXHPASTViewTreeController.php

Loading...
View Options

src/applications/policy/filter/PhabricatorPolicy.php

Loading...
View Options

src/applications/subscriptions/events/PhabricatorSubscriptionsUIEventListener.php

Loading...
View Options

src/applications/transactions/storage/PhabricatorApplicationTransaction.php

Loading...
View Options

src/view/layout/PhabricatorSourceCodeView.php

Loading...
styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)