Template escaping
@@ -23,10 +23,11 @@ $src = null;
|
||||
$lightbox = $link->isEmpty();
|
||||
|
||||
if ($block->location() == 'web') {
|
||||
$src = $block->src();
|
||||
$src = $block->src();
|
||||
$srcValue = $src->escape('attr');
|
||||
} elseif ($image = $block->image()->toFile()) {
|
||||
$alt = $alt->or($image->alt());
|
||||
$src = $image->url();
|
||||
$src = $srcValue = $image->url();
|
||||
}
|
||||
|
||||
if ($ratio !== 'auto') {
|
||||
@@ -44,10 +45,10 @@ $attrs = attr([
|
||||
]);
|
||||
|
||||
?>
|
||||
<?php if ($src): ?>
|
||||
<?php if ($srcValue): ?>
|
||||
<figure>
|
||||
<a <?= $attrs ?>>
|
||||
<img src="<?= $src ?>" alt="<?= $alt ?>">
|
||||
<img src="<?= $srcValue ?>" alt="<?= esc($alt, 'attr') ?>">
|
||||
</a>
|
||||
|
||||
<?php if ($caption->isNotEmpty()): ?>
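Review bot: The file branch assigns `$src = $srcValue = $image->url();`, so on that path `src="<?= $srcValue ?>"` still prints an unescaped value, while the web branch goes through `escape('attr')`. Writing `$src = $image->url();` followed by `$srcValue = esc($src, 'attr');` would treat both paths the same. `$srcValue` is also only assigned inside the two branches, so unless it is initialised next to `$src = null;` above the first hunk, `<?php if ($srcValue): ?>` reads an undefined variable when the block has neither a web source nor a file. Attribute escaping does not restrict the URL scheme, so if `$src` also feeds the `href` in `$attrs` (built outside the visible lines), limiting the web source to `http`/`https` is worth considering.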
|
||||
|
@@ -23,7 +23,7 @@
|
||||
<h2>Pages</h2>
|
||||
<ul>
|
||||
<?php foreach ($site->children()->listed() as $example): ?>
|
||||
<li><a href="<?= $example->url() ?>"><?= $example->title()->html() ?></a></li>
|
||||
<li><a href="<?= $example->url() ?>"><?= $example->title()->esc() ?></a></li>
|
||||
<?php endforeach ?>
|
||||
</ul>
|
||||
</div>
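Review bot: `href="<?= $example->url() ?>"` is still written into the attribute unescaped on the same line that now escapes the title, and the same holds for `$site->url()` on the logo link and `$item->url()` in the menu loop of the header snippet. Page URLs are presumably built from sanitised slugs and so are low risk, but in a commit whose purpose is consistent escaping, `href="<?= esc($example->url(), 'attr') ?>"` would close the gap. The surrounding template continues outside the hunk.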
|
||||
|
@@ -24,7 +24,7 @@
|
||||
site and the title of the current page
|
||||
*/
|
||||
?>
|
||||
<title><?= $site->title() ?> | <?= $page->title() ?></title>
|
||||
<title><?= $site->title()->esc() ?> | <?= $page->title()->esc() ?></title>
|
||||
|
||||
<?php
|
||||
/*
|
||||
@@ -60,7 +60,7 @@
|
||||
*/
|
||||
?>
|
||||
<a class="logo" href="<?= $site->url() ?>">
|
||||
<?= $site->title()->html() ?>
|
||||
<?= $site->title()->esc() ?>
|
||||
</a>
|
||||
|
||||
<nav class="menu">
|
||||
@@ -78,7 +78,7 @@
|
||||
*/
|
||||
?>
|
||||
<?php foreach ($site->children()->listed() as $item): ?>
|
||||
<a <?php e($item->isOpen(), 'aria-current ') ?> href="<?= $item->url() ?>"><?= $item->title()->html() ?></a>
|
||||
<a <?php e($item->isOpen(), 'aria-current ') ?> href="<?= $item->url() ?>"><?= $item->title()->esc() ?></a>
|
||||
<?php endforeach ?>
|
||||
<?php snippet('social') ?>
|
||||
</nav>
|
||||
|
@@ -13,8 +13,8 @@
|
||||
*/
|
||||
?>
|
||||
<header class="h1">
|
||||
<h1><?= $page->headline()->or($page->title())->html() ?></h1>
|
||||
<h1><?= $page->headline()->or($page->title())->esc() ?></h1>
|
||||
<?php if ($page->subheadline()->isNotEmpty()): ?>
|
||||
<p class="color-grey"><?= $page->subheadline()->html() ?></p>
|
||||
<p class="color-grey"><?= $page->subheadline()->esc() ?></p>
|
||||
<?php endif ?>
|
||||
</header>
|
||||
|
@@ -11,9 +11,9 @@
|
||||
*/
|
||||
?>
|
||||
<?php foreach ($field->toLayouts() as $layout): ?>
|
||||
<section class="grid margin-xl" id="<?= $layout->id() ?>" style="--gutter: 1.5rem">
|
||||
<section class="grid margin-xl" id="<?= esc($layout->id(), 'attr') ?>" style="--gutter: 1.5rem">
|
||||
<?php foreach ($layout->columns() as $column): ?>
|
||||
<div class="column" style="--columns:<?= $column->span() ?>">
|
||||
<div class="column" style="--columns:<?= esc($column->span(), 'css') ?>">
|
||||
<div class="text">
|
||||
<?= $column->blocks() ?>
|
||||
</div>
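Review bot: `<?= $column->blocks() ?>` is now the only raw output left in this snippet, and nothing explains why. It presumably returns HTML already rendered by the block snippets and so must not be escaped here. A short comment above it, such as `<?php // blocks() returns rendered HTML; each block snippet escapes its own fields ?>`, would stop a later reader from wrapping it in `esc()` or from assuming it is safe on its own. Both loops are closed outside the hunk.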
|
||||
|
@@ -18,7 +18,7 @@
|
||||
<?php endif ?>
|
||||
</figure>
|
||||
|
||||
<h2 class="note-excerpt-title"><?= $note->title() ?></h2>
|
||||
<h2 class="note-excerpt-title"><?= $note->title()->esc() ?></h2>
|
||||
<time class="note-excerpt-date" datetime="<?= $note->published('c') ?>"><?= $note->published() ?></time>
|
||||
</header>
|
||||
<?php if (($excerpt ?? true) !== false): ?>
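Review bot: The `<time>` element below the changed heading still prints `$note->published('c')` into the `datetime` attribute and `$note->published()` into the element text without escaping. If `published()` only ever returns a formatted date (its definition is not part of this page), the output is safe, and a one-line comment such as `<?php // published() returns a formatted date string, no escaping needed ?>` would record that. Otherwise the two calls should be wrapped as `esc($note->published('c'), 'attr')` and `esc($note->published())`.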
|
||||
|