* 1.7.0 (2012-XX-XX)
+ * fixed sandbox mode when used with inheritance
* added preserveKeys support for the slice filter
* fixed the date filter when a DateTime instance is passed with a specific timezone
* added a trim filter
protected function compileDisplayBody(Twig_Compiler $compiler)
{
- if (null === $this->getNode('parent')) {
- $compiler->write("\$this->checkSecurity();\n");
- }
+ $compiler->write("\$this->checkSecurity();\n");
parent::compileDisplayBody($compiler);
}
->write(!$this->usedFunctions ? "array()\n" : "array('".implode('\', \'', $this->usedFunctions)."')\n")
->outdent()
->write(");\n")
- ;
-
- if (null !== $this->getNode('parent')) {
- $compiler
- ->raw("\n")
- ->write("\$this->parent->checkSecurity();\n")
- ;
- }
-
- $compiler
->outdent()
->write("}\n\n")
;
'1_basic7' => '{{ cycle(["foo","bar"], 1) }}',
'1_basic8' => '{{ obj.getfoobar }}{{ obj.getFooBar }}',
'1_basic' => '{% if obj.foo %}{{ obj.foo|upper }}{% endif %}',
+ '1_layout' => '{% block content %}{% endblock %}',
+ '1_child' => '{% extends "1_layout" %}{% block content %}{{ "a"|json_encode }}{% endblock %}',
);
}
+ /**
+ * @expectedException Twig_Sandbox_SecurityError
+ * @expectedExceptionMessage Filter "json_encode" is not allowed.
+ */
+ public function testSandboxWithInheritance()
+ {
+ $twig = $this->getEnvironment(true, array(), self::$templates, array('block'));
+ $twig->loadTemplate('1_child')->render(array());
+ }
+
public function testSandboxGloballySet()
{
$twig = $this->getEnvironment(false, array(), self::$templates);
protected function doDisplay(array \$context, array \$blocks = array())
{
+ \$this->checkSecurity();
\$this->getParent(\$context)->display(\$context, array_merge(\$this->blocks, \$blocks));
}
array('for'),
array('cycle')
);
-
- \$this->parent->checkSecurity();
}
public function getTemplateName()