recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Fix overescaping in Paste

Summary:
Two issues:

- When we read the content out of cache, it has lost its "safe html" flag, since the cache is raw-string oriented. Restore it.
- explode() isn't safe-html-safe. Use phutil_split_lines() instead, which is.

Test Plan: Looked at /paste/

Reviewers: codeblock, chad

Reviewed By: codeblock

CC: aran

Differential Revision: https://secure.phabricator.com/D4980

epriestley 02f7ece8 6c1043cf

+2 -2
+1 -1
src/applications/paste/controller/PhabricatorPasteController.php
··· 44 44 PhabricatorPaste $paste, 45 45 $max_lines = null) { 46 46 47 - $lines = explode("\n", rtrim($paste->getContent())); 47 + $lines = phutil_split_lines($paste->getContent()); 48 48 49 49 return id(new PhabricatorSourceCodeView()) 50 50 ->setLimit($max_lines)
+1 -1
src/applications/paste/query/PhabricatorPasteQuery.php
··· 141 141 foreach ($pastes as $paste) { 142 142 $key = $this->getContentCacheKey($paste); 143 143 if (isset($caches[$key])) { 144 - $paste->attachContent($caches[$key]); 144 + $paste->attachContent(phutil_safe_html($caches[$key])); 145 145 } else { 146 146 $need_raw[] = $paste; 147 147 }