Properly escape inline <script>
e8dd67b88c13
Actions

Description

Properly escape inline <script>

Test Plan:
Loaded Phabricator page, checked the source code. Also:

$c_uri = '//connect.facebook.net/en_US/all.js#xfbml=1&appId=';
echo CelerityStaticResourceResponse::renderInlineScript(
  jsprintf(
    'console.log(%s); // </script>
    %s',
    $c_uri,
    "</script><b>x</b>"));

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5741

Details

Provenance

Jakub Vrana	Authored on Apr 20 2013, 5:55 PM
themackabu	Pushed on Mar 25 2025, 8:07 PM

Parents

rPb216dc9c2c43: Document where Arcanist configuration can be set

Branches

Tags

Event Timeline

Changes (3)

Path

Size

src/

applications/

phame/

view/

PhamePostView.php

infrastructure/

celerity/

CelerityStaticResourceResponse.php

view/

page/

PhabricatorBarePageView.php

rPe8dd67b88c13

View Options

src/applications/phame/view/PhamePostView.php

View Options

src/infrastructure/celerity/CelerityStaticResourceResponse.php

View Options

src/view/page/PhabricatorBarePageView.php

Properly escape inline <script>e8dd67b88c13Actions

Description

Details

Event Timeline

Changes (3)

rPe8dd67b88c13

src/applications/phame/view/PhamePostView.php

src/infrastructure/celerity/CelerityStaticResourceResponse.php

src/view/page/PhabricatorBarePageView.php

Properly escape inline <script>
e8dd67b88c13
Actions