This will prevent double escaping.
Details
Details
- Reviewers
epriestley - Commits
- rPHU7412081d0d1c: Allow concatenating HTML with operator extension
New test case.
Diff Detail
Diff Detail
- Branch
- operator
- Lint
Lint Warnings Severity Location Code Message Warning src/markup/PhutilSafeHTML.php:40 XHP9 Naming Conventions - Unit
Tests Passed
Event Timeline
Comment Actions
I expect this would be available in PHP 5.7 by default. PHP 5.6 introduces internal operator overloading. Once it is released, users would shout: "Why can't we do the same in the userland?". Developers realize that it's silly to have a language that couldn't be written in itself and allow this also in userland. Well, maybe in PHP 5.8.
Comment Actions
It's very comforting to know that we'll be safe from double escaping as soon as PHP 5.8 is released.
src/markup/__tests__/PhutilSafeHTMLTestCase.php | ||
---|---|---|
14–20 | Maybe these tests should have more < and such in them, to prove that double escaping is actually prevented? | |
14–20 | I guess the fact that getHTMLContent() doesn't fatal is pretty good proof that it worked. |