
Commit 7dde7ef

Merge branch '3.4' into 4.2
* 3.4: Fix XSS issues in the form theme of the PHP templating engine
2 parents 51d96f5 + c48b42d commit 7dde7ef


3 files changed

+4
-4
lines changed


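--- a/Resources/views/Form/choice_widget_collapsed.html.php
+++ b/Resources/views/Form/choice_widget_collapsed.html.php
@@ -11,7 +11,7 @@
 <?php if (count($preferred_choices) > 0): ?>
 <?php echo $view['form']->block($form, 'choice_widget_options', ['choices' => $preferred_choices]) ?>
 <?php if (count($choices) > 0 && null !== $separator): ?>
-<option disabled="disabled"><?php echo $separator ?></option>
+<option disabled="disabled"><?php echo $view->escape($separator) ?></option>
 <?php endif ?>
 <?php endif ?>
 <?php echo $view['form']->block($form, 'choice_widget_options', ['choices' => $choices]) ?>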
+1-1
@@ -1,7 +1,7 @@
11
<?php if (count($errors) > 0): ?>
22
<ul>
33
<?php foreach ($errors as $error): ?>
4-
<li><?php echo $error->getMessage() ?></li>
4+
<li><?php echo $view->escape($error->getMessage()) ?></li>
55
<?php endforeach; ?>
66
</ul>
77
<?php endif ?>
+2-2
@@ -1,6 +1,6 @@
11
<?php $method = strtoupper($method) ?>
22
<?php $form_method = $method === 'GET' || $method === 'POST' ? $method : 'POST' ?>
3-
<form name="<?php echo $name ?>" method="<?php echo strtolower($form_method) ?>"<?php if ($action !== ''): ?> action="<?php echo $action ?>"<?php endif ?><?php foreach ($attr as $k => $v) { printf(' %s="%s"', $view->escape($k), $view->escape($v)); } ?><?php if ($multipart): ?> enctype="multipart/form-data"<?php endif ?>>
3+
<form name="<?php echo $name ?>" method="<?php echo strtolower($form_method) ?>"<?php if ($action !== ''): ?> action="<?php echo $view->escape($action) ?>"<?php endif ?><?php foreach ($attr as $k => $v) { printf(' %s="%s"', $view->escape($k), $view->escape($v)); } ?><?php if ($multipart): ?> enctype="multipart/form-data"<?php endif ?>>
44
<?php if ($form_method !== $method): ?>
5-
<input type="hidden" name="_method" value="<?php echo $method ?>" />
5+
<input type="hidden" name="_method" value="<?php echo $view->escape($method) ?>" />
66
<?php endif ?>
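Review bot: The new `<form ...>` line escapes `$action` and the hidden `_method` value now escapes `$method`, but `name="<?php echo $name ?>"` on the same line is still echoed raw, so one attribute on this element remains unescaped while its neighbours are escaped. Unless `$name` is guaranteed to be developer-controlled and attribute-safe (it may well be, but that is not visible in this hunk), the consistent form is `name="<?php echo $view->escape($name) ?>"`, matching the `$view->escape($k)`/`$view->escape($v)` treatment of the `$attr` loop. `strtolower($form_method)` is already constrained to `GET`/`POST` on the line above, so it does not need the same treatment. The template file name for this section is not shown on the page.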
