Don't escape quotation marks when printing the monospaced CSS rule
e7702acdc659
Actions

Description

Don't escape quotation marks when printing the monospaced CSS rule

Summary:
Fixes T7888. This is currently safe, but double quotes are incorrectly escaped.

To keep them unescaped, we have to punch through PhutilSafeHTML a bit. Since the allowable characters are strictly filtered this is still safe in practice, just not as theoretically-safe.

Test Plan: Set font to 32px "impact" (with quotes), saw impact font.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7888

Differential Revision: https://secure.phabricator.com/D12506

Details

Provenance

epriestley	Authored on Apr 22 2015, 9:28 AM
themackabu	Pushed on Mar 25 2025, 8:07 PM

Parents

rP4dea152215cc: Fix a possible undefined variable

Branches

Unknown

Tags

Unknown

Event Timeline

Changes (3)

Path

Size

src/

applications/

settings/

panel/

PhabricatorDisplayPreferencesSettingsPanel.php

storage/

PhabricatorUserPreferences.php

view/

page/

PhabricatorStandardPageView.php

rPe7702acdc659

View Options

src/applications/settings/panel/PhabricatorDisplayPreferencesSettingsPanel.php

View Options

src/applications/settings/storage/PhabricatorUserPreferences.php

View Options

src/view/page/PhabricatorStandardPageView.php

Don't escape quotation marks when printing the monospaced CSS rulee7702acdc659Actions

Description

Details

Event Timeline

Changes (3)

rPe7702acdc659

src/applications/settings/panel/PhabricatorDisplayPreferencesSettingsPanel.php

src/applications/settings/storage/PhabricatorUserPreferences.php

src/view/page/PhabricatorStandardPageView.php

Don't escape quotation marks when printing the monospaced CSS rule
e7702acdc659
Actions