From 3bc113be2a46619fd792346c226aec3edf5e1f00 Mon Sep 17 00:00:00 2001 From: Christophe Coevoet Date: Wed, 29 May 2013 15:08:43 +0200 Subject: [PATCH] Made the include function safe for the autoescaping This fixes a regression introduced in ba88c75557 Fixes #1097 --- lib/Twig/Extension/Core.php | 12 ++++++------ .../Fixtures/functions/include/autoescaping.test | 10 ++++++++++ 2 files changed, 16 insertions(+), 6 deletions(-) create mode 100644 test/Twig/Tests/Fixtures/functions/include/autoescaping.test diff --git a/lib/Twig/Extension/Core.php b/lib/Twig/Extension/Core.php index 2c2a96a..e68687b 100644 --- a/lib/Twig/Extension/Core.php +++ b/lib/Twig/Extension/Core.php @@ -191,7 +191,7 @@ class Twig_Extension_Core extends Twig_Extension new Twig_SimpleFunction('cycle', 'twig_cycle'), new Twig_SimpleFunction('random', 'twig_random', array('needs_environment' => true)), new Twig_SimpleFunction('date', 'twig_date_converter', array('needs_environment' => true)), - new Twig_SimpleFunction('include', 'twig_include', array('needs_environment' => true, 'needs_context' => true)), + new Twig_SimpleFunction('include', 'twig_include', array('needs_environment' => true, 'needs_context' => true, 'is_safe' => array('all'))), ); } @@ -1273,11 +1273,11 @@ function twig_test_iterable($value) /** * Renders a template. * - * @param string template The template to render - * @param array variables The variables to pass to the template - * @param Boolean with_context Whether to pass the current context variables or not - * @param Boolean ignore_missing Whether to ignore missing templates or not - * @param Boolean sandboxed Whether to sandbox the template or not + * @param string $template The template to render + * @param array $variables The variables to pass to the template + * @param Boolean $with_context Whether to pass the current context variables or not + * @param Boolean $ignore_missing Whether to ignore missing templates or not + * @param Boolean $sandboxed Whether to sandbox the template or not * * @return string The rendered template */ diff --git a/test/Twig/Tests/Fixtures/functions/include/autoescaping.test b/test/Twig/Tests/Fixtures/functions/include/autoescaping.test new file mode 100644 index 0000000..56f8f3b --- /dev/null +++ b/test/Twig/Tests/Fixtures/functions/include/autoescaping.test @@ -0,0 +1,10 @@ +--TEST-- +"include" function is safe for auto-escaping +--TEMPLATE-- +{{ include("foo.twig") }} +--TEMPLATE(foo.twig)-- +

Test

+--DATA-- +return array() +--EXPECT-- +

Test

-- 1.7.2.5