Skip to content
This repository has been archived by the owner on May 1, 2019. It is now read-only.

[WIP] Fix/Added escape helper to view output #313

Merged
merged 8 commits into from
Jan 23, 2015
Merged

[WIP] Fix/Added escape helper to view output #313

merged 8 commits into from
Jan 23, 2015

Conversation

ins0
Copy link
Contributor

@ins0 ins0 commented Jan 22, 2015

Escape all these things

GeeH
GeeH reviewed Jan 23, 2015
View reviewed changes
module/Application/view/application/index/index.phtml
@@ -26,13 +26,13 @@
<div class="span6 module-author">
<div class="row-fluid">
<div class="span3">
<img src="<?php echo $module->getPhotoUrl()?>" alt="<?php echo $module->getOwner()?>" class="avatar">
<img src="<?php echo $module->getPhotoUrl()?>" alt="<?php echo $this->escapeHtml($module->getOwner()); ?>" class="avatar">
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use htmlAttr escaper on the getPhotoUrl please

@ins0
Copy link
Contributor Author

ins0 commented Jan 23, 2015

didn't notice this helper LMAO, thanks @GeeH will update this

@ins0 ins0 changed the title Fix/Added escape helper to view output [WIP] Fix/Added escape helper to view output Jan 23, 2015
GeeH added a commit that referenced this pull request Jan 23, 2015
@GeeH
Merge pull request #313 from ins0/fix/xss
4ad4a78 
[WIP] Fix/Added escape helper to view output
@GeeH GeeH merged commit 4ad4a78 into zendframework:master Jan 23, 2015
@GeeH
Copy link
Contributor

GeeH commented Jan 23, 2015

Thank you very much @ins0 :)

@ins0 ins0 deleted the fix/xss branch January 23, 2015 15:17
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ins0 @GeeH