Allow concatenating HTML with operator extension
ClosedPublic
Actions

Authored by vrana on Oct 18 2013, 3:32 PM.

Tags

None

Referenced Files

	F13180741: D7347.diff
	Thu, May 9, 3:28 AM

	Unknown Object (File)
	Wed, May 1, 8:06 PM

	Unknown Object (File)
	Sun, Apr 28, 9:28 AM

	Unknown Object (File)
	Mon, Apr 22, 3:31 PM

	Unknown Object (File)
	Mon, Apr 22, 3:31 PM

	Unknown Object (File)
	Mon, Apr 22, 3:30 PM

	Unknown Object (File)
	Wed, Apr 17, 3:15 PM

	Unknown Object (File)
	Apr 5 2024, 11:14 PM

Subscribers

Details

Reviewers

epriestley

Commits

rPHU7412081d0d1c: Allow concatenating HTML with operator extension

Summary

This will prevent double escaping.

Test Plan

New test case.

Diff Detail

Branch

operator

Lint

Lint Warnings

Severity	Location	Code	Message
Warning	src/markup/PhutilSafeHTML.php:40	XHP9	Naming Conventions

Unit

Tests Passed

Event Timeline

I expect this would be available in PHP 5.7 by default. PHP 5.6 introduces internal operator overloading. Once it is released, users would shout: "Why can't we do the same in the userland?". Developers realize that it's silly to have a language that couldn't be written in itself and allow this also in userland. Well, maybe in PHP 5.8.

It's very comforting to know that we'll be safe from double escaping as soon as PHP 5.8 is released.

src/markup/__tests__/PhutilSafeHTMLTestCase.php
14–20	Maybe these tests should have more `<` and such in them, to prove that double escaping is actually prevented?
14–20	I guess the fact that `getHTMLContent()` doesn't fatal is pretty good proof that it worked.