Differential D15997 Diff 38505 src/applications/settings/setting/PhabricatorMonospacedFontSetting.php
Changeset View
Changeset View
Standalone View
Standalone View
src/applications/settings/setting/PhabricatorMonospacedFontSetting.php
- This file was added.
| <?php | |||||
| final class PhabricatorMonospacedFontSetting | |||||
| extends PhabricatorStringSetting { | |||||
| const SETTINGKEY = 'monospaced'; | |||||
| public function getSettingName() { | |||||
| return pht('Monospaced Font'); | |||||
| } | |||||
| protected function getControlInstructions() { | |||||
| return pht( | |||||
| 'You can customize the font used when showing monospaced text, '. | |||||
| 'including source code. You should enter a valid CSS font declaration '. | |||||
| 'like: `13px Consolas`'); | |||||
| } | |||||
| public function validateTransactionValue($value) { | |||||
| if (!strlen($value)) { | |||||
| return; | |||||
| } | |||||
| $filtered = self::filterMonospacedCSSRule($value); | |||||
| if ($filtered !== $value) { | |||||
| throw new Exception( | |||||
| pht( | |||||
| 'Monospaced font value "%s" is unsafe. You may only enter '. | |||||
| 'letters, numbers, spaces, commas, periods, forward slashes '. | |||||
| 'and double quotes.', | |||||
| $value)); | |||||
| } | |||||
| } | |||||
| public static function filterMonospacedCSSRule($monospaced) { | |||||
| // Prevent the user from doing dangerous things. | |||||
| return preg_replace('([^a-z0-9 ,"./]+)i', '', $monospaced); | |||||
| } | |||||
| } | |||||