Allow concatenating HTML with operator extension
ClosedPublic
Actions

Authored by vrana on Oct 18 2013, 3:32 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Oct 18 2024, 4:16 PM

	Unknown Object (File)
	Oct 15 2024, 12:20 AM

	Unknown Object (File)
	Oct 14 2024, 3:41 AM

	Unknown Object (File)
	Oct 2 2024, 6:55 AM

	Unknown Object (File)
	Sep 29 2024, 6:17 AM

	Unknown Object (File)
	Sep 29 2024, 6:17 AM

	Unknown Object (File)
	Sep 29 2024, 6:17 AM

	Unknown Object (File)
	Sep 28 2024, 5:19 AM

Subscribers

Details

Reviewers

epriestley

Commits

rPHU7412081d0d1c: Allow concatenating HTML with operator extension

Summary

This will prevent double escaping.

Test Plan

New test case.

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

I expect this would be available in PHP 5.7 by default. PHP 5.6 introduces internal operator overloading. Once it is released, users would shout: "Why can't we do the same in the userland?". Developers realize that it's silly to have a language that couldn't be written in itself and allow this also in userland. Well, maybe in PHP 5.8.

It's very comforting to know that we'll be safe from double escaping as soon as PHP 5.8 is released.

src/markup/__tests__/PhutilSafeHTMLTestCase.php
14–20	Maybe these tests should have more `<` and such in them, to prove that double escaping is actually prevented?
14–20	I guess the fact that `getHTMLContent()` doesn't fatal is pretty good proof that it worked.