M_Viper/ts-website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added escape method to Utils

Browse Source
This commit is contained in:
Wruczek
2019-01-09 11:15:07 +01:00
parent a1eafee419
commit 7ac6d34e7b
5 changed files with 25 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/private/php/Utils/TemplateUtils.php
View File

@@ -165,13 +165,13 @@ class TemplateUtils {
}
} else if (is_string($parameter)) {
// NEEDS to start with a space!
$attributes = ' integrity="' . htmlspecialchars($parameter) . '" crossorigin="anonymous"';
$attributes = ' integrity="' . Utils::escape($parameter) . '" crossorigin="anonymous"';
}
if ($resourceType === "stylesheet") {
echo '<link rel="stylesheet" href="' . htmlspecialchars($url) . '"' . $attributes . '>';
echo '<link rel="stylesheet" href="' . Utils::escape($url) . '"' . $attributes . '>';
} else if ($resourceType === "script") {
echo '<script src="' . htmlspecialchars($url) . '"' . $attributes . '></script>';
echo '<script src="' . Utils::escape($url) . '"' . $attributes . '></script>';
} else {
throw new \InvalidArgumentException("$resourceType is not a valid resource type");
}