mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-27 01:02:42 +01:00
Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML. Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe. Reviewers: epriestley CC: aran, Korvin Maniphest Tasks: T2432 Differential Revision: https://secure.phabricator.com/D4927
This commit is contained in:
parent
718d22d607
commit
4eb84149c2
60 changed files with 485 additions and 424 deletions
|
@ -9,7 +9,7 @@
|
|||
final class AphrontRequest {
|
||||
|
||||
// NOTE: These magic request-type parameters are automatically included in
|
||||
// certain requests (e.g., by phabricator_render_form(), JX.Request,
|
||||
// certain requests (e.g., by phabricator_form(), JX.Request,
|
||||
// JX.Workflow, and ConduitClient) and help us figure out what sort of
|
||||
// response the client expects.
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ final class DarkConsoleErrorLogPlugin extends DarkConsolePlugin {
|
|||
$data = $this->getData();
|
||||
|
||||
$rows = array();
|
||||
$details = '';
|
||||
$details = array();
|
||||
|
||||
foreach ($data as $index => $row) {
|
||||
$file = $row['file'];
|
||||
|
@ -50,7 +50,7 @@ final class DarkConsoleErrorLogPlugin extends DarkConsolePlugin {
|
|||
$row['str'].' at ['.basename($file).':'.$line.']');
|
||||
$rows[] = array($tag);
|
||||
|
||||
$details .= hsprintf(
|
||||
$details[] = hsprintf(
|
||||
'<div class="dark-console-panel-error-details" id="row-details-%s">'.
|
||||
"%s\nStack trace:\n",
|
||||
$index,
|
||||
|
@ -73,16 +73,16 @@ final class DarkConsoleErrorLogPlugin extends DarkConsolePlugin {
|
|||
}
|
||||
}
|
||||
|
||||
$details .= phutil_tag(
|
||||
$details[] = phutil_tag(
|
||||
'a',
|
||||
array(
|
||||
'href' => $href,
|
||||
),
|
||||
$line);
|
||||
$details .= "\n";
|
||||
$details[] = "\n";
|
||||
}
|
||||
|
||||
$details .= '</div>';
|
||||
$details[] = hsprintf('</div>');
|
||||
}
|
||||
|
||||
$table = new AphrontTableView($rows);
|
||||
|
@ -90,11 +90,13 @@ final class DarkConsoleErrorLogPlugin extends DarkConsolePlugin {
|
|||
$table->setHeaders(array('Error'));
|
||||
$table->setNoDataString('No errors.');
|
||||
|
||||
return '<div>'.
|
||||
'<div>'.$table->render().'</div>'.
|
||||
'<pre class="PhabricatorMonospaced">'.
|
||||
$details.'</pre>'.
|
||||
'</div>';
|
||||
return hsprintf(
|
||||
'<div>'.
|
||||
'<div>%s</div>'.
|
||||
'<pre class="PhabricatorMonospaced">%s</pre>'.
|
||||
'</div>',
|
||||
$table->render(),
|
||||
phutil_implode_html('', $details));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -42,10 +42,10 @@ final class DarkConsoleEventPlugin extends DarkConsolePlugin {
|
|||
|
||||
$out = array();
|
||||
|
||||
$out[] =
|
||||
$out[] = hsprintf(
|
||||
'<div class="dark-console-panel-header">'.
|
||||
'<h1>Registered Event Listeners</h1>'.
|
||||
'</div>';
|
||||
'</div>');
|
||||
|
||||
$rows = array();
|
||||
foreach ($data['listeners'] as $listener) {
|
||||
|
@ -66,10 +66,10 @@ final class DarkConsoleEventPlugin extends DarkConsolePlugin {
|
|||
|
||||
$out[] = $table->render();
|
||||
|
||||
$out[] =
|
||||
$out[] = hsprintf(
|
||||
'<div class="dark-console-panel-header">'.
|
||||
'<h1>Event Log</h1>'.
|
||||
'</div>';
|
||||
'</div>');
|
||||
|
||||
$rows = array();
|
||||
foreach ($data['events'] as $event) {
|
||||
|
@ -93,6 +93,6 @@ final class DarkConsoleEventPlugin extends DarkConsolePlugin {
|
|||
$out[] = $table->render();
|
||||
|
||||
|
||||
return implode("\n", $out);
|
||||
return phutil_implode_html("\n", $out);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -62,6 +62,6 @@ final class DarkConsoleRequestPlugin extends DarkConsolePlugin {
|
|||
$out[] = $table->render();
|
||||
}
|
||||
|
||||
return implode("\n", $out);
|
||||
return phutil_implode_html("\n", $out);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -149,8 +149,12 @@ final class DarkConsoleServicesPlugin extends DarkConsolePlugin {
|
|||
$log = $data['log'];
|
||||
$results = array();
|
||||
|
||||
$results[] =
|
||||
$results[] = hsprintf(
|
||||
'<div class="dark-console-panel-header">'.
|
||||
'%s'.
|
||||
'<h1>Calls to External Services</h1>'.
|
||||
'<div style="clear: both;"></div>'.
|
||||
'</div>',
|
||||
phutil_tag(
|
||||
'a',
|
||||
array(
|
||||
|
@ -159,10 +163,7 @@ final class DarkConsoleServicesPlugin extends DarkConsolePlugin {
|
|||
? 'disabled button'
|
||||
: 'green button',
|
||||
),
|
||||
'Analyze Query Plans').
|
||||
'<h1>Calls to External Services</h1>'.
|
||||
'<div style="clear: both;"></div>'.
|
||||
'</div>';
|
||||
'Analyze Query Plans'));
|
||||
|
||||
$page_total = $data['end'] - $data['start'];
|
||||
$totals = array();
|
||||
|
@ -271,7 +272,7 @@ final class DarkConsoleServicesPlugin extends DarkConsolePlugin {
|
|||
|
||||
$results[] = $table->render();
|
||||
|
||||
return implode("\n", $results);
|
||||
return phutil_implode_html("\n", $results);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -51,18 +51,22 @@ final class DarkConsoleXHProfPlugin extends DarkConsolePlugin {
|
|||
'class' => 'bright-link',
|
||||
),
|
||||
'Installation Guide');
|
||||
return
|
||||
return hsprintf(
|
||||
'<div class="dark-console-no-content">'.
|
||||
'The "xhprof" PHP extension is not available. Install xhprof '.
|
||||
'to enable the XHProf console plugin. You can find instructions in '.
|
||||
'the '.$install_guide.'.'.
|
||||
'</div>';
|
||||
'the %s.'.
|
||||
'</div>',
|
||||
$install_guide);
|
||||
}
|
||||
|
||||
$result = array();
|
||||
|
||||
$header =
|
||||
$header = hsprintf(
|
||||
'<div class="dark-console-panel-header">'.
|
||||
'%s'.
|
||||
'<h1>XHProf Profiler</h1>'.
|
||||
'</div>',
|
||||
phutil_tag(
|
||||
'a',
|
||||
array(
|
||||
|
@ -71,28 +75,28 @@ final class DarkConsoleXHProfPlugin extends DarkConsolePlugin {
|
|||
? 'disabled button'
|
||||
: 'green button',
|
||||
),
|
||||
'Profile Page').
|
||||
'<h1>XHProf Profiler</h1>'.
|
||||
'</div>';
|
||||
'Profile Page'));
|
||||
$result[] = $header;
|
||||
|
||||
if ($run) {
|
||||
$result[] =
|
||||
'<a href="/xhprof/profile/'.$run.'/" '.
|
||||
$result[] = hsprintf(
|
||||
'<a href="/xhprof/profile/%s/" '.
|
||||
'class="bright-link" '.
|
||||
'style="float: right; margin: 1em 2em 0 0;'.
|
||||
'font-weight: bold;" '.
|
||||
'target="_blank">Profile Permalink</a>'.
|
||||
'<iframe src="/xhprof/profile/'.$run.'/?frame=true"></iframe>';
|
||||
'<iframe src="/xhprof/profile/%s/?frame=true"></iframe>',
|
||||
$run,
|
||||
$run);
|
||||
} else {
|
||||
$result[] =
|
||||
$result[] = hsprintf(
|
||||
'<div class="dark-console-no-content">'.
|
||||
'Profiling was not enabled for this page. Use the button above '.
|
||||
'to enable it.'.
|
||||
'</div>';
|
||||
'</div>');
|
||||
}
|
||||
|
||||
return implode("\n", $result);
|
||||
return phutil_implode_html("\n", $result);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ final class AphrontWebpageResponse extends AphrontHTMLResponse {
|
|||
}
|
||||
|
||||
public function buildResponseString() {
|
||||
return $this->content;
|
||||
return hsprintf('%s', $this->content);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -138,8 +138,8 @@ EOBODY;
|
|||
|
||||
$panel = new AphrontPanelView();
|
||||
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
|
||||
$panel->appendChild('
|
||||
<h1>'.pht('Forgot Password / Email Login').'</h1>');
|
||||
$panel->appendChild(phutil_tag('h1', array(), pht(
|
||||
'Forgot Password / Email Login')));
|
||||
$panel->appendChild($email_auth);
|
||||
$panel->setNoBackground();
|
||||
|
||||
|
|
|
@ -131,7 +131,7 @@ final class PhabricatorLDAPLoginController extends PhabricatorAuthController {
|
|||
|
||||
$panel = new AphrontPanelView();
|
||||
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
|
||||
$panel->appendChild('<h1>'.pht('LDAP login').'</h1>');
|
||||
$panel->appendChild(phutil_tag('h1', array(), pht('LDAP login')));
|
||||
$panel->appendChild($ldap_form);
|
||||
|
||||
$error_view = null;
|
||||
|
|
|
@ -53,7 +53,9 @@ final class PhabricatorLoginValidateController
|
|||
'<p>%s</p>%s<p>%s</p>',
|
||||
pht('Login failed:'),
|
||||
$list,
|
||||
pht('<strong>Clear your cookies</strong> and try again.')));
|
||||
pht(
|
||||
'<strong>Clear your cookies</strong> and try again.',
|
||||
hsprintf(''))));
|
||||
$view->appendChild(hsprintf(
|
||||
'<div class="aphront-failure-continue">'.
|
||||
'<a class="button" href="/login/">%s</a>'.
|
||||
|
|
|
@ -186,11 +186,11 @@ final class PhabricatorOAuthDiagnosticsController
|
|||
|
||||
$panel_view = new AphrontPanelView();
|
||||
$panel_view->setHeader($title);
|
||||
$panel_view->appendChild(
|
||||
$panel_view->appendChild(hsprintf(
|
||||
'<p class="aphront-panel-instructions">These tests may be able to '.
|
||||
'help diagnose the root cause of problems you experience with '.
|
||||
$provider->getProviderName() .
|
||||
' Authentication. Reload the page to run the tests again.</p>');
|
||||
'help diagnose the root cause of problems you experience with %s '.
|
||||
'Authentication. Reload the page to run the tests again.</p>',
|
||||
$provider->getProviderName()));
|
||||
$panel_view->appendChild($table_view);
|
||||
|
||||
return $this->buildStandardPageResponse(
|
||||
|
|
|
@ -203,10 +203,9 @@ abstract class PhabricatorController extends AphrontController {
|
|||
$view = new PhabricatorStandardPageView();
|
||||
$view->setRequest($request);
|
||||
$view->setController($this);
|
||||
$view->appendChild(
|
||||
'<div style="padding: 2em 0;">'.
|
||||
$response->buildResponseString().
|
||||
'</div>');
|
||||
$view->appendChild(hsprintf(
|
||||
'<div style="padding: 2em 0;">%s</div>',
|
||||
$response->buildResponseString()));
|
||||
$response = new AphrontWebpageResponse();
|
||||
$response->setContent($view->render());
|
||||
return $response;
|
||||
|
|
|
@ -59,11 +59,11 @@ final class PhabricatorConduitListController
|
|||
|
||||
$utils = new AphrontPanelView();
|
||||
$utils->setHeader('Utilities');
|
||||
$utils->appendChild(
|
||||
$utils->appendChild(hsprintf(
|
||||
'<ul>'.
|
||||
'<li><a href="/conduit/log/">Log</a> - Conduit Method Calls</li>'.
|
||||
'<li><a href="/conduit/token/">Token</a> - Certificate Install</li>'.
|
||||
'</ul>');
|
||||
'</ul>'));
|
||||
$utils->setWidth(AphrontPanelView::WIDTH_FULL);
|
||||
|
||||
$this->setShowSideNav(false);
|
||||
|
|
|
@ -23,20 +23,18 @@ final class PhabricatorConfigResponse extends AphrontHTMLResponse {
|
|||
|
||||
$view = $this->view->render();
|
||||
|
||||
$template = <<<EOTEMPLATE
|
||||
<!doctype html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Phabricator Setup</title>
|
||||
{$resources}
|
||||
</head>
|
||||
<body class="setup-fatal">
|
||||
{$view}
|
||||
</body>
|
||||
</html>
|
||||
EOTEMPLATE;
|
||||
|
||||
return $template;
|
||||
return hsprintf(
|
||||
'<!DOCTYPE html>'.
|
||||
'<html>'.
|
||||
'<head>'.
|
||||
'<meta charset="UTF-8" />'.
|
||||
'<title>Phabricator Setup</title>'.
|
||||
'%s'.
|
||||
'</head>'.
|
||||
'<body class="setup-fatal">%s</body>'.
|
||||
'</html>',
|
||||
$resources,
|
||||
$view);
|
||||
}
|
||||
|
||||
private function buildResources() {
|
||||
|
@ -49,11 +47,12 @@ EOTEMPLATE;
|
|||
|
||||
$resources = array();
|
||||
foreach ($css as $path) {
|
||||
$resources[] = '<style type="text/css">';
|
||||
$resources[] = Filesystem::readFile($webroot.'/rsrc/css/'.$path);
|
||||
$resources[] = '</style>';
|
||||
$resources[] = phutil_tag(
|
||||
'style',
|
||||
array('type' => 'text/css'),
|
||||
Filesystem::readFile($webroot.'/rsrc/css/'.$path));
|
||||
}
|
||||
return implode("\n", $resources);
|
||||
return phutil_implode_html("\n", $resources);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -149,7 +149,7 @@ final class ConpherenceViewController extends
|
|||
->setMarkupEngine($engine)
|
||||
->render();
|
||||
}
|
||||
$transactions = implode(' ', $rendered_transactions);
|
||||
$transactions = phutil_implode_html(' ', $rendered_transactions);
|
||||
|
||||
$form =
|
||||
id(new AphrontFormView())
|
||||
|
@ -292,7 +292,7 @@ final class ConpherenceViewController extends
|
|||
->setNoDataString(pht('No files attached to conpherence.'))
|
||||
->setHeaders(array('', pht('Name')))
|
||||
->setColumnClasses(array('', 'wide'));
|
||||
return new PhutilSafeHTML($header->render() . $table->render());
|
||||
return hsprintf('%s%s', $header->render(), $table->render());
|
||||
}
|
||||
|
||||
private function renderTaskWidgetPaneContent() {
|
||||
|
@ -328,7 +328,7 @@ final class ConpherenceViewController extends
|
|||
->setColumnClasses(array('', 'wide'));
|
||||
$content[] = $table->render();
|
||||
}
|
||||
return new PhutilSafeHTML(implode('', $content));
|
||||
return phutil_implode_html('', $content);
|
||||
}
|
||||
|
||||
private function renderCalendarWidgetPaneContent() {
|
||||
|
@ -416,7 +416,7 @@ final class ConpherenceViewController extends
|
|||
}
|
||||
}
|
||||
|
||||
return new PhutilSafeHTML(implode('', $content));
|
||||
return phutil_implode_html('', $content);
|
||||
}
|
||||
|
||||
private function getCalendarWidgetWeekTimestamps() {
|
||||
|
|
|
@ -77,35 +77,35 @@ final class PhabricatorWorkerTaskUpdateController
|
|||
$dialog->addSubmitButton('Retry Task');
|
||||
} else {
|
||||
$dialog->setTitle('Can Not Retry');
|
||||
$dialog->appendChild(
|
||||
'<p>Only archived, unsuccessful tasks can be retried.</p>');
|
||||
$dialog->appendChild(phutil_tag('p', array(), pht(
|
||||
'Only archived, unsuccessful tasks can be retried.')));
|
||||
}
|
||||
break;
|
||||
case 'cancel':
|
||||
if ($can_cancel) {
|
||||
$dialog->setTitle('Really cancel task?');
|
||||
$dialog->appendChild(
|
||||
'<p>The work this task represents will never be performed if you '.
|
||||
'cancel it. Are you sure you want to cancel it?</p>');
|
||||
$dialog->appendChild(phutil_tag('p', array(), pht(
|
||||
'The work this task represents will never be performed if you '.
|
||||
'cancel it. Are you sure you want to cancel it?')));
|
||||
$dialog->addSubmitButton('Cancel Task');
|
||||
} else {
|
||||
$dialog->setTitle('Can Not Cancel');
|
||||
$dialog->appendChild(
|
||||
'<p>Only active tasks can be cancelled.</p>');
|
||||
$dialog->appendChild(phutil_tag('p', array(), pht(
|
||||
'Only active tasks can be cancelled.')));
|
||||
}
|
||||
break;
|
||||
case 'release':
|
||||
if ($can_release) {
|
||||
$dialog->setTitle('Really free task lease?');
|
||||
$dialog->appendChild(
|
||||
'<p>If the process which owns the task lease is still doing work '.
|
||||
$dialog->appendChild(phutil_tag('p', array(), pht(
|
||||
'If the process which owns the task lease is still doing work '.
|
||||
'on it, the work may be performed twice. Are you sure you '.
|
||||
'want to free the lease?</p>');
|
||||
'want to free the lease?')));
|
||||
$dialog->addSubmitButton('Free Lease');
|
||||
} else {
|
||||
$dialog->setTitle('Can Not Free Lease');
|
||||
$dialog->appendChild(
|
||||
'<p>Only active, leased tasks may have their leases freed.</p>');
|
||||
$dialog->appendChild(phutil_tag('p', array(), pht(
|
||||
'Only active, leased tasks may have their leases freed.')));
|
||||
}
|
||||
break;
|
||||
default:
|
||||
|
|
|
@ -25,16 +25,21 @@ final class DifferentialDiffViewController extends DifferentialController {
|
|||
'href' => PhabricatorEnv::getURI('/D'.$diff->getRevisionID()),
|
||||
),
|
||||
'D'.$diff->getRevisionID());
|
||||
$top_panel->appendChild(
|
||||
"<h1>".pht('This diff belongs to revision %s', $link)."</h1>");
|
||||
$top_panel->appendChild(phutil_tag(
|
||||
'h1',
|
||||
array(),
|
||||
pht('This diff belongs to revision %s', $link)));
|
||||
} else {
|
||||
$action_panel = new AphrontPanelView();
|
||||
$action_panel->setHeader('Preview Diff');
|
||||
$action_panel->setWidth(AphrontPanelView::WIDTH_WIDE);
|
||||
$action_panel->appendChild(
|
||||
'<p class="aphront-panel-instructions">'.pht('Review the diff for '.
|
||||
'correctness. When you are satisfied, either <strong>create a new '.
|
||||
'revision</strong> or <strong>update an existing revision</strong>.'));
|
||||
$action_panel->appendChild(hsprintf(
|
||||
'<p class="aphront-panel-instructions">%s</p>',
|
||||
pht(
|
||||
'Review the diff for correctness. When you are satisfied, either '.
|
||||
'<strong>create a new revision</strong> or <strong>update '.
|
||||
'an existing revision</strong>.',
|
||||
hsprintf(''))));
|
||||
|
||||
// TODO: implmenent optgroup support in AphrontFormSelectControl?
|
||||
$select = array();
|
||||
|
|
|
@ -1100,7 +1100,7 @@ final class DifferentialChangesetParser {
|
|||
* indicator of how well tested a change is.
|
||||
*/
|
||||
public function renderModifiedCoverage() {
|
||||
$na = '<em>-</em>';
|
||||
$na = phutil_tag('em', array(), '-');
|
||||
|
||||
$coverage = $this->getCoverage();
|
||||
if (!$coverage) {
|
||||
|
|
|
@ -21,27 +21,34 @@ abstract class DifferentialChangesetHTMLRenderer
|
|||
return null;
|
||||
}
|
||||
} else {
|
||||
$none = $none;
|
||||
switch ($change) {
|
||||
|
||||
case DifferentialChangeType::TYPE_ADD:
|
||||
switch ($file) {
|
||||
case DifferentialChangeType::FILE_TEXT:
|
||||
$message = pht('This file was <strong>added</strong>.');
|
||||
$message = pht('This file was <strong>added</strong>.', $none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_IMAGE:
|
||||
$message = pht('This image was <strong>added</strong>.');
|
||||
$message = pht('This image was <strong>added</strong>.', $none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_DIRECTORY:
|
||||
$message = pht('This directory was <strong>added</strong>.');
|
||||
$message = pht(
|
||||
'This directory was <strong>added</strong>.',
|
||||
$none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_BINARY:
|
||||
$message = pht('This binary file was <strong>added</strong>.');
|
||||
$message = pht(
|
||||
'This binary file was <strong>added</strong>.',
|
||||
$none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_SYMLINK:
|
||||
$message = pht('This symlink was <strong>added</strong>.');
|
||||
$message = pht('This symlink was <strong>added</strong>.', $none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_SUBMODULE:
|
||||
$message = pht('This submodule was <strong>added</strong>.');
|
||||
$message = pht(
|
||||
'This submodule was <strong>added</strong>.',
|
||||
$none);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
|
@ -49,22 +56,30 @@ abstract class DifferentialChangesetHTMLRenderer
|
|||
case DifferentialChangeType::TYPE_DELETE:
|
||||
switch ($file) {
|
||||
case DifferentialChangeType::FILE_TEXT:
|
||||
$message = pht('This file was <strong>deleted</strong>.');
|
||||
$message = pht('This file was <strong>deleted</strong>.', $none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_IMAGE:
|
||||
$message = pht('This image was <strong>deleted</strong>.');
|
||||
$message = pht('This image was <strong>deleted</strong>.', $none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_DIRECTORY:
|
||||
$message = pht('This directory was <strong>deleted</strong>.');
|
||||
$message = pht(
|
||||
'This directory was <strong>deleted</strong>.',
|
||||
$none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_BINARY:
|
||||
$message = pht('This binary file was <strong>deleted</strong>.');
|
||||
$message = pht(
|
||||
'This binary file was <strong>deleted</strong>.',
|
||||
$none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_SYMLINK:
|
||||
$message = pht('This symlink was <strong>deleted</strong>.');
|
||||
$message = pht(
|
||||
'This symlink was <strong>deleted</strong>.',
|
||||
$none);
|
||||
break;
|
||||
case DifferentialChangeType::FILE_SUBMODULE:
|
||||
$message = pht('This submodule was <strong>deleted</strong>.');
|
||||
$message = pht(
|
||||
'This submodule was <strong>deleted</strong>.',
|
||||
$none);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
|
@ -235,10 +250,9 @@ abstract class DifferentialChangesetHTMLRenderer
|
|||
}
|
||||
}
|
||||
|
||||
return
|
||||
'<div class="differential-meta-notice">'.
|
||||
$message.
|
||||
'</div>';
|
||||
return hsprintf(
|
||||
'<div class="differential-meta-notice">%s</div>',
|
||||
$message);
|
||||
}
|
||||
|
||||
protected function renderPropertyChangeHeader() {
|
||||
|
@ -279,15 +293,20 @@ abstract class DifferentialChangesetHTMLRenderer
|
|||
}
|
||||
}
|
||||
|
||||
return
|
||||
'<table class="differential-property-table">'.
|
||||
array_unshift($rows, hsprintf(
|
||||
'<tr class="property-table-header">'.
|
||||
'<th>'.pht('Property Changes').'</th>'.
|
||||
'<td class="oval">'.pht('Old Value').'</td>'.
|
||||
'<td class="nval">'.pht('New Value').'</td>'.
|
||||
'</tr>'.
|
||||
implode('', $rows).
|
||||
'</table>';
|
||||
'<th>%s</th>'.
|
||||
'<td class="oval">%s</td>'.
|
||||
'<td class="nval">%s</td>'.
|
||||
'</tr>',
|
||||
pht('Property Changes'),
|
||||
pht('Old Value'),
|
||||
pht('New Value')));
|
||||
|
||||
return phutil_tag(
|
||||
'table',
|
||||
array('class' => 'differential-property-table'),
|
||||
$rows);
|
||||
}
|
||||
|
||||
public function renderShield($message, $force = 'default') {
|
||||
|
@ -352,9 +371,6 @@ abstract class DifferentialChangesetHTMLRenderer
|
|||
return null;
|
||||
}
|
||||
|
||||
// TODO: [HTML] After TwoUpRenderer gets refactored, fix this.
|
||||
$content = phutil_safe_html($content);
|
||||
|
||||
return javelin_tag(
|
||||
'table',
|
||||
array(
|
||||
|
|
|
@ -20,32 +20,32 @@ final class DifferentialChangesetOneUpRenderer
|
|||
switch ($type) {
|
||||
case 'old':
|
||||
case 'new':
|
||||
$out[] = '<tr>';
|
||||
$out[] = hsprintf('<tr>');
|
||||
if ($type == 'old') {
|
||||
if ($p['htype']) {
|
||||
$class = 'left old';
|
||||
} else {
|
||||
$class = 'left';
|
||||
}
|
||||
$out[] = '<th>'.$p['line'].'</th>';
|
||||
$out[] = '<th></th>';
|
||||
$out[] = '<td class="'.$class.'">'.$p['render'].'</td>';
|
||||
$out[] = hsprintf('<th>%s</th>', $p['line']);
|
||||
$out[] = hsprintf('<th></th>');
|
||||
$out[] = hsprintf('<td class="%s">%s</td>', $class, $p['render']);
|
||||
} else if ($type == 'new') {
|
||||
if ($p['htype']) {
|
||||
$class = 'right new';
|
||||
$out[] = '<th />';
|
||||
$out[] = hsprintf('<th />');
|
||||
} else {
|
||||
$class = 'right';
|
||||
$out[] = '<th>'.$p['oline'].'</th>';
|
||||
$out[] = hsprintf('<th>%s</th>', $p['oline']);
|
||||
}
|
||||
$out[] = '<th>'.$p['line'].'</th>';
|
||||
$out[] = '<td class="'.$class.'">'.$p['render'].'</td>';
|
||||
$out[] = hsprintf('<th>%s</th>', $p['line']);
|
||||
$out[] = hsprintf('<td class="%s">%s</td>', $class, $p['render']);
|
||||
}
|
||||
$out[] = '</tr>';
|
||||
$out[] = hsprintf('</tr>');
|
||||
break;
|
||||
case 'inline':
|
||||
$out[] = '<tr><th /><th />';
|
||||
$out[] = '<td>';
|
||||
$out[] = hsprintf('<tr><th /><th />');
|
||||
$out[] = hsprintf('<td>');
|
||||
|
||||
$inline = $this->buildInlineComment(
|
||||
$p['comment'],
|
||||
|
@ -53,16 +53,16 @@ final class DifferentialChangesetOneUpRenderer
|
|||
$inline->setBuildScaffolding(false);
|
||||
$out[] = $inline->render();
|
||||
|
||||
$out[] = '</td></tr>';
|
||||
$out[] = hsprintf('</td></tr>');
|
||||
break;
|
||||
default:
|
||||
$out[] = '<tr><th /><th /><td>'.$type.'</td></tr>';
|
||||
$out[] = hsprintf('<tr><th /><th /><td>%s</td></tr>', $type);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if ($out) {
|
||||
return $this->wrapChangeInTable(implode('', $out));
|
||||
return $this->wrapChangeInTable(phutil_implode_html('', $out));
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
|
|
@ -205,7 +205,7 @@ final class DifferentialChangesetTwoUpRenderer
|
|||
}
|
||||
}
|
||||
|
||||
$n_copy = '<td class="copy" />';
|
||||
$n_copy = hsprintf('<td class="copy" />');
|
||||
$n_cov = null;
|
||||
$n_colspan = 2;
|
||||
$n_classes = '';
|
||||
|
@ -224,7 +224,7 @@ final class DifferentialChangesetTwoUpRenderer
|
|||
$cov_class = $coverage[$n_num - 1];
|
||||
}
|
||||
$cov_class = 'cov-'.$cov_class;
|
||||
$n_cov = '<td class="cov '.$cov_class.'"></td>';
|
||||
$n_cov = hsprintf('<td class="cov %s"></td>', $cov_class);
|
||||
$n_colspan--;
|
||||
}
|
||||
|
||||
|
@ -242,7 +242,7 @@ final class DifferentialChangesetTwoUpRenderer
|
|||
$n_classes = $n_class;
|
||||
|
||||
if ($new_lines[$ii]['type'] == '\\' || !isset($copy_lines[$n_num])) {
|
||||
$n_copy = '<td class="copy '.$n_class.'"></td>';
|
||||
$n_copy = hsprintf('<td class="copy %s"></td>', $n_class);
|
||||
} else {
|
||||
list($orig_file, $orig_line, $orig_type) = $copy_lines[$n_num];
|
||||
$title = ($orig_type == '-' ? 'Moved' : 'Copied').' from ';
|
||||
|
@ -274,13 +274,13 @@ final class DifferentialChangesetTwoUpRenderer
|
|||
}
|
||||
|
||||
if ($o_num && $left_id) {
|
||||
$o_id = ' id="C'.$left_id.$left_char.'L'.$o_num.'"';
|
||||
$o_id = 'C'.$left_id.$left_char.'L'.$o_num;
|
||||
} else {
|
||||
$o_id = null;
|
||||
}
|
||||
|
||||
if ($n_num && $right_id) {
|
||||
$n_id = ' id="C'.$right_id.$right_char.'L'.$n_num.'"';
|
||||
$n_id = 'C'.$right_id.$right_char.'L'.$n_num;
|
||||
} else {
|
||||
$n_id = null;
|
||||
}
|
||||
|
@ -288,20 +288,26 @@ final class DifferentialChangesetTwoUpRenderer
|
|||
// NOTE: The Javascript is sensitive to whitespace changes in this
|
||||
// block!
|
||||
|
||||
$html[] =
|
||||
$html[] = hsprintf(
|
||||
'<tr>'.
|
||||
'<th'.$o_id.'>'.$o_num.'</th>'.
|
||||
'<td class="'.$o_classes.'">'.$o_text.'</td>'.
|
||||
'<th'.$n_id.'>'.$n_num.'</th>'.
|
||||
$n_copy.
|
||||
'%s'.
|
||||
'<td class="%s">%s</td>'.
|
||||
'%s'.
|
||||
'%s'.
|
||||
// NOTE: This is a unicode zero-width space, which we use as a hint
|
||||
// when intercepting 'copy' events to make sure sensible text ends
|
||||
// up on the clipboard. See the 'phabricator-oncopy' behavior.
|
||||
'<td class="'.$n_classes.'" colspan="'.$n_colspan.'">'.
|
||||
"\xE2\x80\x8B".$n_text.
|
||||
'<td class="%s" colspan="%s">'.
|
||||
"\xE2\x80\x8B%s".
|
||||
'</td>'.
|
||||
$n_cov.
|
||||
'</tr>';
|
||||
'%s'.
|
||||
'</tr>',
|
||||
phutil_tag('th', array('id' => $o_id), $o_num),
|
||||
$o_classes, $o_text,
|
||||
phutil_tag('th', array('id' => $n_id), $n_num),
|
||||
$n_copy,
|
||||
$n_classes, $n_colspan, $n_text,
|
||||
$n_cov);
|
||||
|
||||
if ($context_not_available && ($ii == $rows - 1)) {
|
||||
$html[] = $context_not_available;
|
||||
|
@ -351,7 +357,7 @@ final class DifferentialChangesetTwoUpRenderer
|
|||
}
|
||||
}
|
||||
|
||||
return $this->wrapChangeInTable(implode('', $html));
|
||||
return $this->wrapChangeInTable(phutil_implode_html('', $html));
|
||||
}
|
||||
|
||||
public function renderFileChange($old_file = null,
|
||||
|
@ -395,51 +401,57 @@ final class DifferentialChangesetTwoUpRenderer
|
|||
foreach ($this->getOldComments() as $on_line => $comment_group) {
|
||||
foreach ($comment_group as $comment) {
|
||||
$comment_html = $this->renderInlineComment($comment, $on_right = false);
|
||||
$html_old[] =
|
||||
$html_old[] = hsprintf(
|
||||
'<tr class="inline">'.
|
||||
'<th />'.
|
||||
'<td class="left">'.$comment_html.'</td>'.
|
||||
'<td class="left">%s</td>'.
|
||||
'<th />'.
|
||||
'<td class="right3" colspan="3" />'.
|
||||
'</tr>';
|
||||
'</tr>',
|
||||
$comment_html);
|
||||
}
|
||||
}
|
||||
foreach ($this->getNewComments() as $lin_line => $comment_group) {
|
||||
foreach ($comment_group as $comment) {
|
||||
$comment_html = $this->renderInlineComment($comment, $on_right = true);
|
||||
$html_new[] =
|
||||
$html_new[] = hsprintf(
|
||||
'<tr class="inline">'.
|
||||
'<th />'.
|
||||
'<td class="left" />'.
|
||||
'<th />'.
|
||||
'<td class="right3" colspan="3">'.$comment_html.'</td>'.
|
||||
'</tr>';
|
||||
'<td class="right3" colspan="3">%s</td>'.
|
||||
'</tr>',
|
||||
$comment_html);
|
||||
}
|
||||
}
|
||||
|
||||
if (!$old) {
|
||||
$th_old = '<th></th>';
|
||||
$th_old = hsprintf('<th></th>');
|
||||
} else {
|
||||
$th_old = '<th id="C'.$vs.'OL1">1</th>';
|
||||
$th_old = hsprintf('<th id="C%sOL1">1</th>', $vs);
|
||||
}
|
||||
|
||||
if (!$new) {
|
||||
$th_new = '<th></th>';
|
||||
$th_new = hsprintf('<th></th>');
|
||||
} else {
|
||||
$th_new = '<th id="C'.$id.'NL1">1</th>';
|
||||
$th_new = hsprintf('<th id="C%sNL1">1</th>', $id);
|
||||
}
|
||||
|
||||
$output =
|
||||
$output = hsprintf(
|
||||
'<tr class="differential-image-diff">'.
|
||||
$th_old.
|
||||
'<td class="left differential-old-image">'.$old.'</td>'.
|
||||
$th_new.
|
||||
'<td class="right3 differential-new-image" colspan="3">'.
|
||||
$new.
|
||||
'</td>'.
|
||||
'%s'.
|
||||
'<td class="left differential-old-image">%s</td>'.
|
||||
'%s'.
|
||||
'<td class="right3 differential-new-image" colspan="3">%s</td>'.
|
||||
'</tr>'.
|
||||
implode('', $html_old).
|
||||
implode('', $html_new);
|
||||
'%s'.
|
||||
'%s',
|
||||
$th_old,
|
||||
$old,
|
||||
$th_new,
|
||||
$new,
|
||||
phutil_implode_html('', $html_old),
|
||||
phutil_implode_html('', $html_new));
|
||||
|
||||
$output = $this->wrapChangeInTable($output);
|
||||
|
||||
|
|
|
@ -221,15 +221,20 @@ final class DifferentialChangesetListView extends AphrontView {
|
|||
),
|
||||
array('Changes discarded. ', $link));
|
||||
|
||||
$template =
|
||||
return array(
|
||||
'l' => hsprintf(
|
||||
'<table><tr>'.
|
||||
'<th></th><td>%s</td>'.
|
||||
'<th></th><td colspan="3">%s</td>'.
|
||||
'</tr></table>';
|
||||
'<th></th><td colspan="3"></td>'.
|
||||
'</tr></table>',
|
||||
$div),
|
||||
|
||||
return array(
|
||||
'l' => sprintf($template, $div, ''),
|
||||
'r' => sprintf($template, '', $div),
|
||||
'r' => hsprintf(
|
||||
'<table><tr>'.
|
||||
'<th></th><td></td>'.
|
||||
'<th></th><td colspan="3">%s</td>'.
|
||||
'</tr></table>',
|
||||
$div),
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
@ -224,7 +224,7 @@ abstract class PhabricatorFeedStory implements PhabricatorPolicyInterface {
|
|||
foreach ($phids as $phid) {
|
||||
$list[] = $this->linkTo($phid);
|
||||
}
|
||||
return implode(', ', $list);
|
||||
return phutil_implode_html(', ', $list);
|
||||
}
|
||||
|
||||
final protected function linkTo($phid) {
|
||||
|
|
|
@ -15,11 +15,11 @@ final class PhabricatorFeedStoryAudit extends PhabricatorFeedStory {
|
|||
$action = $this->getValue('action');
|
||||
$verb = PhabricatorAuditActionConstants::getActionPastTenseVerb($action);
|
||||
|
||||
$view->setTitle(
|
||||
$this->linkTo($author_phid).
|
||||
" {$verb} commit ".
|
||||
$this->linkTo($commit_phid).
|
||||
".");
|
||||
$view->setTitle(hsprintf(
|
||||
'%s %s commit %s.',
|
||||
$this->linkTo($author_phid),
|
||||
$verb,
|
||||
$this->linkTo($commit_phid)));
|
||||
|
||||
$view->setEpoch($this->getEpoch());
|
||||
|
||||
|
|
|
@ -51,7 +51,11 @@ final class PhabricatorFeedStoryDifferential extends PhabricatorFeedStory {
|
|||
|
||||
$verb = DifferentialAction::getActionPastTenseVerb($action);
|
||||
|
||||
$one_line = "{$actor_link} {$verb} revision {$revision_link}";
|
||||
$one_line = hsprintf(
|
||||
'%s %s revision %s',
|
||||
$actor_link,
|
||||
$verb,
|
||||
$revision_link);
|
||||
|
||||
return $one_line;
|
||||
}
|
||||
|
|
|
@ -66,16 +66,23 @@ final class PhabricatorFeedStoryManiphest
|
|||
case ManiphestAction::ACTION_REASSIGN:
|
||||
if ($owner_phid) {
|
||||
if ($owner_phid == $actor_phid) {
|
||||
$one_line = "{$actor_link} claimed {$task_link}";
|
||||
$one_line = hsprintf('%s claimed %s', $actor_link, $task_link);
|
||||
} else {
|
||||
$one_line = "{$actor_link} {$verb} {$task_link} to {$owner_link}";
|
||||
$one_line = hsprintf('%s %s %s to %s',
|
||||
$actor_link,
|
||||
$verb,
|
||||
$owner_link,
|
||||
$task_link);
|
||||
}
|
||||
} else {
|
||||
$one_line = "{$actor_link} placed {$task_link} up for grabs";
|
||||
$one_line = hsprintf(
|
||||
'%s placed %s up for grabs',
|
||||
$actor_link,
|
||||
$task_link);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
$one_line = "{$actor_link} {$verb} {$task_link}";
|
||||
$one_line = hsprintf('%s %s %s', $actor_link, $verb, $task_link);
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
|
@ -17,10 +17,11 @@ final class PhabricatorFeedStoryPhriction extends PhabricatorFeedStory {
|
|||
$action = $data->getValue('action');
|
||||
$verb = PhrictionActionConstants::getActionPastTenseVerb($action);
|
||||
|
||||
$view->setTitle(
|
||||
$this->linkTo($author_phid).
|
||||
" {$verb} the document ".
|
||||
$this->linkTo($document_phid).'.');
|
||||
$view->setTitle(hsprintf(
|
||||
'%s %s the document %s.',
|
||||
$this->linkTo($author_phid),
|
||||
$verb,
|
||||
$this->linkTo($document_phid)));
|
||||
$view->setEpoch($data->getEpoch());
|
||||
|
||||
$action = $data->getValue('action');
|
||||
|
|
|
@ -21,31 +21,25 @@ final class PhabricatorFeedStoryProject extends PhabricatorFeedStory {
|
|||
switch ($type) {
|
||||
case PhabricatorProjectTransactionType::TYPE_NAME:
|
||||
if (strlen($old)) {
|
||||
$action = 'renamed project '.
|
||||
$this->linkTo($proj_phid).
|
||||
' from '.
|
||||
$this->renderString($old).
|
||||
' to '.
|
||||
$this->renderString($new).
|
||||
'.';
|
||||
$action = hsprintf(
|
||||
'renamed project %s from %s to %s.',
|
||||
$this->linkTo($proj_phid),
|
||||
$this->renderString($old),
|
||||
$this->renderString($new));
|
||||
} else {
|
||||
$action = 'created project '.
|
||||
$this->linkTo($proj_phid).
|
||||
' (as '.
|
||||
$this->renderString($new).
|
||||
').';
|
||||
$action = hsprintf(
|
||||
'created project %s (as %s).',
|
||||
$this->linkTo($proj_phid),
|
||||
$this->renderString($new));
|
||||
}
|
||||
break;
|
||||
case PhabricatorProjectTransactionType::TYPE_STATUS:
|
||||
$action = 'changed project '.
|
||||
$this->linkTo($proj_phid).
|
||||
' status from '.
|
||||
$this->renderString(
|
||||
PhabricatorProjectStatus::getNameForStatus($old)).
|
||||
' to '.
|
||||
$this->renderString(
|
||||
PhabricatorProjectStatus::getNameForStatus($new)).
|
||||
'.';
|
||||
$action = hsprintf(
|
||||
'changed project %s status from %s to %s.',
|
||||
$this->linkTo($proj_phid),
|
||||
$this->renderString(PhabricatorProjectStatus::getNameForStatus($old)),
|
||||
$this->renderString(PhabricatorProjectStatus::getNameForStatus($new))
|
||||
);
|
||||
break;
|
||||
case PhabricatorProjectTransactionType::TYPE_MEMBERS:
|
||||
$add = array_diff($new, $old);
|
||||
|
@ -53,30 +47,33 @@ final class PhabricatorFeedStoryProject extends PhabricatorFeedStory {
|
|||
|
||||
if ((count($add) == 1) && (count($rem) == 0) &&
|
||||
(head($add) == $author_phid)) {
|
||||
$action = 'joined project '.$this->linkTo($proj_phid).'.';
|
||||
$action = hsprintf('joined project %s.', $this->linkTo($proj_phid));
|
||||
} else if ((count($add) == 0) && (count($rem) == 1) &&
|
||||
(head($rem) == $author_phid)) {
|
||||
$action = 'left project '.$this->linkTo($proj_phid).'.';
|
||||
$action = hsprintf('left project %s.', $this->linkTo($proj_phid));
|
||||
} else if (empty($rem)) {
|
||||
$action = 'added members to project '.
|
||||
$this->linkTo($proj_phid).': '.
|
||||
$this->renderHandleList($add).'.';
|
||||
$action = hsprintf(
|
||||
'added members to project %s: %s.',
|
||||
$this->linkTo($proj_phid),
|
||||
$this->renderHandleList($add));
|
||||
} else if (empty($add)) {
|
||||
$action = 'removed members from project '.
|
||||
$this->linkTo($proj_phid).': '.
|
||||
$this->renderHandleList($rem).'.';
|
||||
$action = hsprintf(
|
||||
'removed members from project %s: %s.',
|
||||
$this->linkTo($proj_phid),
|
||||
$this->renderHandleList($rem));
|
||||
} else {
|
||||
$action = 'changed members of project '.
|
||||
$this->linkTo($proj_phid).', added: '.
|
||||
$this->renderHandleList($add).'; removed: '.
|
||||
$this->renderHandleList($rem).'.';
|
||||
$action = hsprintf(
|
||||
'changed members of project %s, added: %s; removed: %s.',
|
||||
$this->linkTo($proj_phid),
|
||||
$this->renderHandleList($add),
|
||||
$this->renderHandleList($rem));
|
||||
}
|
||||
break;
|
||||
default:
|
||||
$action = 'updated project '.$this->linkTo($proj_phid).'.';
|
||||
$action = hsprintf('updated project %s.', $this->linkTo($proj_phid));
|
||||
break;
|
||||
}
|
||||
$view->setTitle($this->linkTo($author_phid).' '.$action);
|
||||
$view->setTitle(hsprintf('%s %s', $this->linkTo($author_phid), $action));
|
||||
$view->setOneLineStory(true);
|
||||
|
||||
return $view;
|
||||
|
|
|
@ -67,7 +67,7 @@ final class PhabricatorFeedStoryView extends PhabricatorFeedView {
|
|||
'href' => $this->getHref(),
|
||||
),
|
||||
),
|
||||
phutil_safe_html($this->title));
|
||||
$this->title);
|
||||
}
|
||||
|
||||
public function render() {
|
||||
|
@ -77,7 +77,7 @@ final class PhabricatorFeedStoryView extends PhabricatorFeedView {
|
|||
array(
|
||||
'class' => 'phabricator-feed-story-head',
|
||||
),
|
||||
nonempty(phutil_safe_html($this->title), 'Untitled Story'));
|
||||
nonempty($this->title, 'Untitled Story'));
|
||||
|
||||
$body = null;
|
||||
$foot = null;
|
||||
|
@ -89,7 +89,7 @@ final class PhabricatorFeedStoryView extends PhabricatorFeedView {
|
|||
array(
|
||||
'class' => 'phabricator-feed-story-body',
|
||||
),
|
||||
phutil_safe_html(implode('', $this->renderChildren())));
|
||||
$this->renderChildren());
|
||||
|
||||
if ($this->epoch) {
|
||||
$foot = phabricator_datetime($this->epoch, $this->user);
|
||||
|
|
|
@ -437,10 +437,10 @@ final class HeraldTranscriptController extends HeraldController {
|
|||
|
||||
$panel = new AphrontPanelView();
|
||||
$panel->setHeader('Rule Details');
|
||||
$panel->appendChild(
|
||||
'<ul class="herald-explain-list">'.
|
||||
implode("\n", $rule_markup).
|
||||
'</ul>');
|
||||
$panel->appendChild(phutil_tag(
|
||||
'ul',
|
||||
array('class' => 'herald-explain-list'),
|
||||
$rule_markup));
|
||||
|
||||
return $panel;
|
||||
}
|
||||
|
|
|
@ -203,10 +203,6 @@ class ManiphestAuxiliaryFieldDefaultSpecification
|
|||
break;
|
||||
}
|
||||
|
||||
if ($target == self::RENDER_TARGET_HTML) {
|
||||
$desc = phutil_escape_html($desc);
|
||||
}
|
||||
|
||||
return $desc;
|
||||
}
|
||||
|
||||
|
|
|
@ -111,7 +111,7 @@ final class ManiphestSavedQueryListController extends ManiphestController {
|
|||
'Save Default Query'));
|
||||
$panel->appendChild($table);
|
||||
|
||||
$form = phabricator_render_form(
|
||||
$form = phabricator_form(
|
||||
$user,
|
||||
array(
|
||||
'method' => 'POST',
|
||||
|
|
|
@ -18,10 +18,9 @@ final class ManiphestTaskDescriptionPreviewController
|
|||
ManiphestTask::MARKUP_FIELD_DESCRIPTION,
|
||||
$request->getUser());
|
||||
|
||||
$content =
|
||||
'<div class="phabricator-remarkup">'.
|
||||
$output.
|
||||
'</div>';
|
||||
$content = hsprintf(
|
||||
'<div class="phabricator-remarkup">%s</div>',
|
||||
$output);
|
||||
|
||||
return id(new AphrontAjaxResponse())
|
||||
->setContent($content);
|
||||
|
|
|
@ -590,9 +590,6 @@ final class ManiphestTransactionDetailView extends ManiphestView {
|
|||
DifferentialChangesetParser::parseRangeSpecification($spec);
|
||||
$output = $parser->render($range_s, $range_e, $mask);
|
||||
|
||||
// TODO: [HTML] DifferentialChangesetParser needs cleanup.
|
||||
$output = phutil_safe_html($output);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
|
@ -627,7 +624,7 @@ final class ManiphestTransactionDetailView extends ManiphestView {
|
|||
$links[] = $this->handles[$phid]->renderLink();
|
||||
}
|
||||
}
|
||||
return implode(', ', $links);
|
||||
return phutil_implode_html(', ', $links);
|
||||
}
|
||||
|
||||
private function renderString($string) {
|
||||
|
|
|
@ -20,25 +20,23 @@ final class PhabricatorNotificationPanelController
|
|||
$notifications_view = $builder->buildView();
|
||||
$content = $notifications_view->render();
|
||||
} else {
|
||||
$content =
|
||||
'<div class="phabricator-notification no-notifications">'.
|
||||
'You have no notifications.'.
|
||||
'</div>';
|
||||
$content = hsprintf(
|
||||
'<div class="phabricator-notification no-notifications">%s</div>',
|
||||
pht('You have no notifications.'));
|
||||
}
|
||||
|
||||
$content =
|
||||
'<div class="phabricator-notification-header">'.
|
||||
pht('Notifications').
|
||||
'</div>'.
|
||||
$content.
|
||||
'<div class="phabricator-notification-view-all">'.
|
||||
$content = hsprintf(
|
||||
'<div class="phabricator-notification-header">%s</div>'.
|
||||
'%s'.
|
||||
'<div class="phabricator-notification-view-all">%s</div>',
|
||||
pht('Notifications'),
|
||||
$content,
|
||||
phutil_tag(
|
||||
'a',
|
||||
array(
|
||||
'href' => '/notification/',
|
||||
),
|
||||
'View All Notifications').
|
||||
'</div>';
|
||||
'View All Notifications'));
|
||||
|
||||
$unread_count = id(new PhabricatorFeedStoryNotification())
|
||||
->countUnread($user);
|
||||
|
|
|
@ -142,7 +142,7 @@ final class PhabricatorPeopleProfileController
|
|||
|
||||
$nav->appendChild($header);
|
||||
|
||||
$content = '<div style="padding: 1em;">'.$content.'</div>';
|
||||
$content = hsprintf('<div style="padding: 1em;">%s</div>', $content);
|
||||
$header->appendChild($content);
|
||||
|
||||
if ($user->getPHID() == $viewer->getPHID()) {
|
||||
|
@ -230,12 +230,11 @@ final class PhabricatorPeopleProfileController
|
|||
$builder->setUser($viewer);
|
||||
$view = $builder->buildView();
|
||||
|
||||
return
|
||||
return hsprintf(
|
||||
'<div class="phabricator-profile-info-group">
|
||||
<h1 class="phabricator-profile-info-header">Activity Feed</h1>
|
||||
<div class="phabricator-profile-info-pane">
|
||||
'.$view->render().'
|
||||
</div>
|
||||
</div>';
|
||||
<div class="phabricator-profile-info-pane">%s</div>
|
||||
</div>',
|
||||
$view->render());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -23,7 +23,7 @@ extends PhameController {
|
|||
PhamePost::MARKUP_FIELD_BODY,
|
||||
$user);
|
||||
|
||||
$content = '<div class="phabricator-remarkup">'.$content.'</div>';
|
||||
$content = hsprintf('<div class="phabricator-remarkup">%s</div>', $content);
|
||||
|
||||
return id(new AphrontAjaxResponse())->setContent($content);
|
||||
}
|
||||
|
|
|
@ -123,7 +123,7 @@ abstract class PhameBasicBlogSkin extends PhameBlogSkin {
|
|||
}
|
||||
|
||||
protected function render404Page() {
|
||||
return '<h2>404 Not Found</h2>';
|
||||
return hsprintf('<h2>404 Not Found</h2>');
|
||||
}
|
||||
|
||||
final public function getResourceURI($resource) {
|
||||
|
|
|
@ -26,7 +26,7 @@ final class PhameBasicTemplateBlogSkin extends PhameBasicBlogSkin {
|
|||
'href' => $this->getResourceURI('css/'.$path),
|
||||
));
|
||||
}
|
||||
$this->cssResources = implode("\n", $this->cssResources);
|
||||
$this->cssResources = phutil_implode_html("\n", $this->cssResources);
|
||||
}
|
||||
|
||||
$request = $this->getRequest();
|
||||
|
@ -43,7 +43,7 @@ final class PhameBasicTemplateBlogSkin extends PhameBasicBlogSkin {
|
|||
);
|
||||
|
||||
$response = new AphrontWebpageResponse();
|
||||
$response->setContent(implode("\n", $content));
|
||||
$response->setContent(phutil_implode_html("\n", $content));
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
|
|
@ -145,7 +145,7 @@ final class PholioMockViewController extends PholioController {
|
|||
foreach ($subscribers as $subscriber) {
|
||||
$sub_view[] = $this->getHandle($subscriber)->renderLink();
|
||||
}
|
||||
$sub_view = implode(', ', $sub_view);
|
||||
$sub_view = phutil_implode_html(', ', $sub_view);
|
||||
} else {
|
||||
$sub_view = phutil_tag('em', array(), pht('None'));
|
||||
}
|
||||
|
|
|
@ -14,12 +14,15 @@ final class PhabricatorXHPASTViewFramesetController
|
|||
|
||||
$response = new AphrontWebpageResponse();
|
||||
$response->setFrameable(true);
|
||||
$response->setContent(
|
||||
'<frameset cols="33%, 34%, 33%">'.
|
||||
'<frame src="/xhpast/input/'.$id.'/" />'.
|
||||
'<frame src="/xhpast/tree/'.$id.'/" />'.
|
||||
'<frame src="/xhpast/stream/'.$id.'/" />'.
|
||||
'</frameset>');
|
||||
$response->setContent(hsprintf(
|
||||
'<frameset cols="33%%, 34%%, 33%%">'.
|
||||
'<frame src="/xhpast/input/%s/" />'.
|
||||
'<frame src="/xhpast/tree/%s/" />'.
|
||||
'<frame src="/xhpast/stream/%s/" />'.
|
||||
'</frameset>',
|
||||
$id,
|
||||
$id,
|
||||
$id));
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
|
|
@ -70,7 +70,8 @@ final class PonderAnswerListView extends AphrontView {
|
|||
|
||||
$panel->appendChild($view);
|
||||
$panel->appendChild($commentview);
|
||||
$panel->appendChild('<div style="height: 40px; clear : both"></div>');
|
||||
$panel->appendChild(
|
||||
hsprintf('<div style="height: 40px; clear : both"></div>'));
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -112,7 +112,7 @@ final class PhabricatorProjectMembersEditController
|
|||
$panel->setHeader($header_name);
|
||||
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
|
||||
$panel->appendChild($form);
|
||||
$panel->appendChild('<br />');
|
||||
$panel->appendChild(phutil_tag('br'));
|
||||
$panel->appendChild($faux_form);
|
||||
|
||||
$nav = $this->buildLocalNavigation($project);
|
||||
|
|
|
@ -53,7 +53,7 @@ final class PhabricatorProjectProfileController
|
|||
$query->setViewer($this->getRequest()->getUser());
|
||||
$stories = $query->execute();
|
||||
|
||||
$content .= $this->renderStories($stories);
|
||||
$content = hsprintf('%s%s', $content, $this->renderStories($stories));
|
||||
break;
|
||||
case 'about':
|
||||
$content = $this->renderAboutPage($project, $profile);
|
||||
|
@ -112,7 +112,7 @@ final class PhabricatorProjectProfileController
|
|||
|
||||
$nav_view->appendChild($header);
|
||||
|
||||
$content = '<div style="padding: 1em;">'.$content.'</div>';
|
||||
$content = hsprintf('<div style="padding: 1em;">%s</div>', $content);
|
||||
$header->appendChild($content);
|
||||
|
||||
return $this->buildStandardPageResponse(
|
||||
|
@ -178,22 +178,22 @@ final class PhabricatorProjectProfileController
|
|||
|
||||
$affiliated = array();
|
||||
foreach ($handles as $phids => $handle) {
|
||||
$affiliated[] = '<li>'.$handle->renderLink().'</li>';
|
||||
$affiliated[] = phutil_tag('li', array(), $handle->renderLink());
|
||||
}
|
||||
|
||||
if ($affiliated) {
|
||||
$affiliated = '<ul>'.implode("\n", $affiliated).'</ul>';
|
||||
$affiliated = phutil_tag('ul', array(), $affiliated);
|
||||
} else {
|
||||
$affiliated = '<p><em>No one is affiliated with this project.</em></p>';
|
||||
$affiliated = hsprintf('<p><em>%s</em></p>', pht(
|
||||
'No one is affiliated with this project.'));
|
||||
}
|
||||
|
||||
return
|
||||
return hsprintf(
|
||||
'<div class="phabricator-profile-info-group">'.
|
||||
'<h1 class="phabricator-profile-info-header">People</h1>'.
|
||||
'<div class="phabricator-profile-info-pane">'.
|
||||
$affiliated.
|
||||
'</div>'.
|
||||
'</div>';
|
||||
'<div class="phabricator-profile-info-pane">%s</div>'.
|
||||
'</div>',
|
||||
$affiliated);
|
||||
}
|
||||
|
||||
private function renderFeedPage(
|
||||
|
@ -220,13 +220,12 @@ final class PhabricatorProjectProfileController
|
|||
$builder->setUser($this->getRequest()->getUser());
|
||||
$view = $builder->buildView();
|
||||
|
||||
return
|
||||
return hsprintf(
|
||||
'<div class="phabricator-profile-info-group">'.
|
||||
'<h1 class="phabricator-profile-info-header">Activity Feed</h1>'.
|
||||
'<div class="phabricator-profile-info-pane">'.
|
||||
$view->render().
|
||||
'</div>'.
|
||||
'</div>';
|
||||
'<div class="phabricator-profile-info-pane">%s</div>'.
|
||||
'</div>',
|
||||
$view->render());
|
||||
}
|
||||
|
||||
|
||||
|
@ -257,9 +256,9 @@ final class PhabricatorProjectProfileController
|
|||
}
|
||||
|
||||
if (empty($tasks)) {
|
||||
$task_views = '<em>No open tasks.</em>';
|
||||
$task_views = phutil_tag('em', array(), pht('No open tasks.'));
|
||||
} else {
|
||||
$task_views = implode('', $task_views);
|
||||
$task_views = phutil_implode_html('', $task_views);
|
||||
}
|
||||
|
||||
$open = number_format($count);
|
||||
|
@ -271,18 +270,17 @@ final class PhabricatorProjectProfileController
|
|||
),
|
||||
"View All Open Tasks \xC2\xBB");
|
||||
|
||||
$content =
|
||||
$content = hsprintf(
|
||||
'<div class="phabricator-profile-info-group">
|
||||
<h1 class="phabricator-profile-info-header">'.
|
||||
"Open Tasks ({$open})".
|
||||
'</h1>'.
|
||||
<h1 class="phabricator-profile-info-header">Open Tasks (%s)</h1>'.
|
||||
'<div class="phabricator-profile-info-pane">'.
|
||||
$task_views.
|
||||
'<div class="phabricator-profile-info-pane-more-link">'.
|
||||
$more_link.
|
||||
'</div>'.
|
||||
'%s'.
|
||||
'<div class="phabricator-profile-info-pane-more-link">%s</div>'.
|
||||
'</div>
|
||||
</div>';
|
||||
</div>',
|
||||
$open,
|
||||
$task_views,
|
||||
$more_link);
|
||||
|
||||
return $content;
|
||||
}
|
||||
|
|
|
@ -75,7 +75,7 @@ final class PhabricatorSettingsPanelLDAP
|
|||
|
||||
foreach ($forms as $name => $form) {
|
||||
if ($name) {
|
||||
$panel->appendChild('<br /><h1>'.$name.'</h1><br />');
|
||||
$panel->appendChild(hsprintf('<br /><h1>%s</h1><br />', $name));
|
||||
}
|
||||
$panel->appendChild($form);
|
||||
}
|
||||
|
|
|
@ -215,7 +215,7 @@ final class PhabricatorSettingsPanelOAuth
|
|||
|
||||
foreach ($forms as $name => $form) {
|
||||
if ($name) {
|
||||
$panel->appendChild('<br /><h1>'.$name.'</h1><br />');
|
||||
$panel->appendChild(hsprintf('<br /><h1>%s</h1><br />', $name));
|
||||
}
|
||||
$panel->appendChild($form);
|
||||
}
|
||||
|
|
|
@ -181,7 +181,7 @@ final class PhabricatorSlowvotePollController
|
|||
$panel->setWidth(AphrontPanelView::WIDTH_WIDE);
|
||||
|
||||
$panel->appendChild($form);
|
||||
$panel->appendChild('<br /><br />');
|
||||
$panel->appendChild(hsprintf('<br /><br />'));
|
||||
$panel->appendChild($result_markup);
|
||||
|
||||
return $this->buildStandardPageResponse(
|
||||
|
|
|
@ -99,8 +99,8 @@ class PhabricatorApplicationTransactionView extends AphrontView {
|
|||
$event->appendChild(
|
||||
$engine->getOutput($xaction->getComment(), $field));
|
||||
} else if ($has_deleted_comment) {
|
||||
$event->appendChild(
|
||||
'<em>'.pht('This comment has been deleted.').'</em>');
|
||||
$event->appendChild(phutil_tag('em', array(), pht(
|
||||
'This comment has been deleted.')));
|
||||
}
|
||||
|
||||
$events[] = $event;
|
||||
|
|
|
@ -35,10 +35,10 @@ final class PhabricatorUIPagerExample extends PhabricatorUIExample {
|
|||
$panel = new AphrontPanelView();
|
||||
$panel->appendChild($table);
|
||||
|
||||
$panel->appendChild(
|
||||
$panel->appendChild(hsprintf(
|
||||
'<p class="phabricator-ui-example-note">'.
|
||||
'Use <tt>AphrontPagerView</tt> to render a pager element.'.
|
||||
'</p>');
|
||||
'</p>'));
|
||||
|
||||
$pager = new AphrontPagerView();
|
||||
$pager->setPageSize($page_size);
|
||||
|
@ -47,10 +47,10 @@ final class PhabricatorUIPagerExample extends PhabricatorUIExample {
|
|||
$pager->setURI($request->getRequestURI(), 'offset');
|
||||
$panel->appendChild($pager);
|
||||
|
||||
$panel->appendChild(
|
||||
$panel->appendChild(hsprintf(
|
||||
'<p class="phabricator-ui-example-note">'.
|
||||
'You can show more or fewer pages of surrounding context.'.
|
||||
'</p>');
|
||||
'</p>'));
|
||||
|
||||
$many_pages_pager = new AphrontPagerView();
|
||||
$many_pages_pager->setPageSize($page_size);
|
||||
|
@ -60,12 +60,12 @@ final class PhabricatorUIPagerExample extends PhabricatorUIExample {
|
|||
$many_pages_pager->setSurroundingPages(7);
|
||||
$panel->appendChild($many_pages_pager);
|
||||
|
||||
$panel->appendChild(
|
||||
$panel->appendChild(hsprintf(
|
||||
'<p class="phabricator-ui-example-note">'.
|
||||
'When it is prohibitively expensive or complex to attain a complete '.
|
||||
'count of the items, you can select one extra item and set '.
|
||||
'<tt>hasMorePages(true)</tt> if it exists, creating an inexact pager.'.
|
||||
'</p>');
|
||||
'</p>'));
|
||||
|
||||
$inexact_pager = new AphrontPagerView();
|
||||
$inexact_pager->setPageSize($page_size);
|
||||
|
|
|
@ -148,16 +148,36 @@ calling @{function:phutil_safe_html} on it. This is **dangerous**, because if
|
|||
you are wrong and the string is not actually safe, you have introduced an XSS
|
||||
vulnerability. Consequently, you should avoid calling this if possible.
|
||||
|
||||
You can use @{function@libphutil:phutil_escape_html} to explicitly escape an
|
||||
HTML string. You should not normally need to use it.
|
||||
|
||||
You can use @{function@libphutil:phutil_escape_html_newlines} to escape HTML
|
||||
while converting newlines to `<br />`.
|
||||
while converting newlines to `<br />`. You should not need to explicitly use
|
||||
@{function@libphutil:phutil_escape_html} anywhere.
|
||||
|
||||
If you need to apply a string function (such as `trim()`) to safe HTML, use
|
||||
@{method@libphutil:PhutilSafeHTML::applyFunction}.
|
||||
|
||||
If you need to extract the content of a @{class@libphutil:PhutilSafeHTML}
|
||||
object, you should call `getHTMLContent()`, not cast it to a string. Eventually,
|
||||
we would like to remove the string cast entirely.
|
||||
|
||||
Functions @{function@libphutil:phutil_tag} and @{function@libphutil:hsprintf}
|
||||
are not safe if you pass the user input for the tag or attribute name. All the
|
||||
following examples are dangerous:
|
||||
|
||||
counterexample
|
||||
phutil_tag($evil);
|
||||
|
||||
phutil_tag('span', array($evil => $evil2));
|
||||
|
||||
// Use PhutilURI to check if $evil is valid HTTP link.
|
||||
phutil_tag('a', array('href' => $evil));
|
||||
|
||||
phutil_tag('span', array('onmouseover' => $evil));
|
||||
|
||||
hsprintf('<%s>%s</%s>', $evil, $evil2, $evil);
|
||||
|
||||
// We have a lint rule disallowing this.
|
||||
hsprintf($evil);
|
||||
|
||||
= Deprecated Functions =
|
||||
|
||||
The functions @{function@libphutil:phutil_render_tag} and
|
||||
|
|
|
@ -98,8 +98,9 @@ final class CelerityStaticResourceResponse {
|
|||
$this->hasRendered[$resource['uri']] = true;
|
||||
|
||||
$output[] = $this->renderResource($resource);
|
||||
$output[] = "\n";
|
||||
}
|
||||
return implode("\n", $output)."\n";
|
||||
return phutil_implode_html('', $output);
|
||||
}
|
||||
|
||||
private function renderResource(array $resource) {
|
||||
|
@ -179,8 +180,9 @@ final class CelerityStaticResourceResponse {
|
|||
|
||||
if ($data) {
|
||||
$data = implode("\n", $data);
|
||||
return '<script type="text/javascript">//<![CDATA['."\n".
|
||||
$data.'//]]></script>';
|
||||
return hsprintf(
|
||||
'<script type="text/javascript">//<![CDATA['."\n".'%s//]]></script>',
|
||||
phutil_safe_html($data));
|
||||
} else {
|
||||
return '';
|
||||
}
|
||||
|
|
|
@ -34,7 +34,7 @@ abstract class PhabricatorInlineCommentPreviewController
|
|||
$view->setPreview(true);
|
||||
$views[] = $view->render();
|
||||
}
|
||||
$views = implode("\n", $views);
|
||||
$views = phutil_implode_html("\n", $views);
|
||||
|
||||
return id(new AphrontAjaxResponse())
|
||||
->setContent($views);
|
||||
|
|
|
@ -79,19 +79,26 @@ final class PhabricatorInlineSummaryView extends AphrontView {
|
|||
|
||||
$where = idx($item, 'where');
|
||||
|
||||
$colspan = ($has_where ? '' : ' colspan="2"');
|
||||
$rows[] =
|
||||
$colspan = ($has_where ? null : 2);
|
||||
$rows[] = hsprintf(
|
||||
'<tr>'.
|
||||
'<td class="inline-line-number">'.$lines.'</td>'.
|
||||
'<td class="inline-line-number">%s</td>'.
|
||||
'%s'.
|
||||
'%s'.
|
||||
'</tr>',
|
||||
$lines,
|
||||
($has_where
|
||||
? hsprintf('<td class="inline-which-diff">%s</td>', $where)
|
||||
: null).
|
||||
'<td class="inline-summary-content"'.$colspan.'>'.
|
||||
'<div class="phabricator-remarkup">'.
|
||||
$item['content'].
|
||||
'</div>'.
|
||||
'</td>'.
|
||||
'</tr>';
|
||||
: null),
|
||||
phutil_tag(
|
||||
'td',
|
||||
array(
|
||||
'class' => 'inline-summary-content',
|
||||
'colspan' => $colspan,
|
||||
),
|
||||
hsprintf(
|
||||
'<div class="phabricator-remarkup">%s</div>',
|
||||
$item['content'])));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -100,7 +107,7 @@ final class PhabricatorInlineSummaryView extends AphrontView {
|
|||
array(
|
||||
'class' => 'phabricator-inline-summary-table',
|
||||
),
|
||||
new PhutilSafeHTML(implode("\n", $rows)));
|
||||
phutil_implode_html("\n", $rows));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -89,8 +89,7 @@ final class AphrontPanelView extends AphrontView {
|
|||
$header,
|
||||
$caption);
|
||||
|
||||
// TODO: [HTML] Make HTML safe.
|
||||
$table = phutil_safe_html(implode('', $this->renderChildren()));
|
||||
$table = phutil_implode_html('', $this->renderChildren());
|
||||
|
||||
require_celerity_resource('aphront-panel-view-css');
|
||||
|
||||
|
|
|
@ -294,7 +294,7 @@ final class AphrontSideNavFilterView extends AphrontView {
|
|||
),
|
||||
array(
|
||||
$crumbs,
|
||||
phutil_safe_html(implode('', $this->renderChildren())),
|
||||
phutil_implode_html('', $this->renderChildren()),
|
||||
))
|
||||
));
|
||||
}
|
||||
|
|
|
@ -65,11 +65,12 @@ final class PhabricatorProfileHeaderView extends AphrontView {
|
|||
<tr>
|
||||
<td class="profile-header-description">%s</td>
|
||||
</tr>
|
||||
</table>',
|
||||
</table>
|
||||
%s',
|
||||
$this->profileName,
|
||||
self::renderSingleView($this->profileActions),
|
||||
$image,
|
||||
$description).
|
||||
$this->renderChildren();
|
||||
$description,
|
||||
phutil_implode_html('', $this->renderChildren()));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -39,20 +39,18 @@ final class PhabricatorSourceCodeView extends AphrontView {
|
|||
pht('...'));
|
||||
} else {
|
||||
$content_number = $line_number;
|
||||
$content_line = "\xE2\x80\x8B".$line;
|
||||
$content_line = hsprintf("\xE2\x80\x8B%s", $line);
|
||||
}
|
||||
|
||||
// TODO: Provide nice links.
|
||||
|
||||
$rows[] =
|
||||
$rows[] = hsprintf(
|
||||
'<tr>'.
|
||||
'<th class="phabricator-source-line">'.
|
||||
$content_number.
|
||||
'</th>'.
|
||||
'<td class="phabricator-source-code">'.
|
||||
$content_line.
|
||||
'</td>'.
|
||||
'</tr>';
|
||||
'<th class="phabricator-source-line">%s</th>'.
|
||||
'<td class="phabricator-source-code">%s</td>'.
|
||||
'</tr>',
|
||||
$content_number,
|
||||
$content_line);
|
||||
|
||||
if ($hit_limit) {
|
||||
break;
|
||||
|
@ -76,7 +74,7 @@ final class PhabricatorSourceCodeView extends AphrontView {
|
|||
array(
|
||||
'class' => implode(' ', $classes),
|
||||
),
|
||||
new PhutilSafeHTML(implode('', $rows))));
|
||||
phutil_implode_html('', $rows)));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -22,7 +22,7 @@ abstract class AphrontPageView extends AphrontView {
|
|||
}
|
||||
|
||||
protected function getBody() {
|
||||
return implode('', $this->renderChildren());
|
||||
return phutil_implode_html('', $this->renderChildren());
|
||||
}
|
||||
|
||||
protected function getTail() {
|
||||
|
@ -45,37 +45,37 @@ abstract class AphrontPageView extends AphrontView {
|
|||
|
||||
$this->willRenderPage();
|
||||
|
||||
$title = phutil_escape_html($this->getTitle());
|
||||
$title = $this->getTitle();
|
||||
$head = $this->getHead();
|
||||
$body = $this->getBody();
|
||||
$tail = $this->getTail();
|
||||
|
||||
$body_classes = $this->getBodyClasses();
|
||||
|
||||
$body = phutil_render_tag(
|
||||
$body = phutil_tag(
|
||||
'body',
|
||||
array(
|
||||
'class' => nonempty($body_classes, null),
|
||||
),
|
||||
$body.$tail);
|
||||
array($body, $tail));
|
||||
|
||||
$response = <<<EOHTML
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="UTF-8" />
|
||||
<title>{$title}</title>
|
||||
{$head}
|
||||
</head>
|
||||
{$body}
|
||||
</html>
|
||||
|
||||
EOHTML;
|
||||
$response = hsprintf(
|
||||
'<!DOCTYPE html>'.
|
||||
'<html>'.
|
||||
'<head>'.
|
||||
'<meta charset="UTF-8" />'.
|
||||
'<title>%s</title>'.
|
||||
'%s'.
|
||||
'</head>'.
|
||||
'%s'.
|
||||
'</html>',
|
||||
$title,
|
||||
$head,
|
||||
$body);
|
||||
|
||||
$response = $this->willSendResponse($response);
|
||||
|
||||
// TODO: [HTML] Make HTML safe.
|
||||
return phutil_safe_html($response);
|
||||
return $response;
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -55,13 +55,13 @@ class PhabricatorBarePageView extends AphrontPageView {
|
|||
protected function willRenderPage() {
|
||||
// We render this now to resolve static resources so they can appear in the
|
||||
// document head.
|
||||
$this->bodyContent = implode('', $this->renderChildren());
|
||||
$this->bodyContent = phutil_implode_html('', $this->renderChildren());
|
||||
}
|
||||
|
||||
protected function getHead() {
|
||||
$framebust = null;
|
||||
if (!$this->getFrameable()) {
|
||||
$framebust = '(top != self) && top.location.replace(self.location.href);';
|
||||
$framebust = '(top == self) || top.location.replace(self.location.href);';
|
||||
}
|
||||
|
||||
$viewport_tag = null;
|
||||
|
@ -78,22 +78,12 @@ class PhabricatorBarePageView extends AphrontPageView {
|
|||
|
||||
$response = CelerityAPI::getStaticResourceResponse();
|
||||
|
||||
$head = array(
|
||||
return hsprintf(
|
||||
'%s<script type="text/javascript">%s window.__DEV__=%s;</script>%s',
|
||||
$viewport_tag,
|
||||
|
||||
'<script type="text/javascript">'.
|
||||
$framebust.
|
||||
'window.__DEV__='.
|
||||
(PhabricatorEnv::getEnvConfig('phabricator.developer-mode')
|
||||
? '1'
|
||||
: '0').
|
||||
';'.
|
||||
'</script>',
|
||||
|
||||
$response->renderResourcesOfType('css'),
|
||||
);
|
||||
|
||||
return implode("\n", $head);
|
||||
$framebust,
|
||||
(PhabricatorEnv::getEnvConfig('phabricator.developer-mode') ? '1' : '0'),
|
||||
$response->renderResourcesOfType('css'));
|
||||
}
|
||||
|
||||
protected function getBody() {
|
||||
|
|
|
@ -205,15 +205,11 @@ final class PhabricatorStandardPageView extends PhabricatorBarePageView {
|
|||
|
||||
$response = CelerityAPI::getStaticResourceResponse();
|
||||
|
||||
$head = array(
|
||||
return hsprintf(
|
||||
'%s<style type="text/css">.PhabricatorMonospaced { font: %s; }</style>%s',
|
||||
parent::getHead(),
|
||||
'<style type="text/css">'.
|
||||
'.PhabricatorMonospaced { font: '.$monospaced.'; }'.
|
||||
'</style>',
|
||||
$response->renderSingleResource('javelin-magical-init'),
|
||||
);
|
||||
|
||||
return implode("\n", $head);
|
||||
phutil_safe_html($monospaced),
|
||||
$response->renderSingleResource('javelin-magical-init'));
|
||||
}
|
||||
|
||||
public function setGlyph($glyph) {
|
||||
|
@ -232,8 +228,9 @@ final class PhabricatorStandardPageView extends PhabricatorBarePageView {
|
|||
$console = $request->getApplicationConfiguration()->getConsole();
|
||||
|
||||
if ($console) {
|
||||
$response = str_replace(
|
||||
'<darkconsole />',
|
||||
$response = PhutilSafeHTML::applyFunction(
|
||||
'str_replace',
|
||||
hsprintf('<darkconsole />'),
|
||||
$console->render($request),
|
||||
$response);
|
||||
}
|
||||
|
@ -288,20 +285,22 @@ final class PhabricatorStandardPageView extends PhabricatorBarePageView {
|
|||
}
|
||||
|
||||
return
|
||||
phutil_render_tag(
|
||||
phutil_tag(
|
||||
'div',
|
||||
array(
|
||||
'id' => 'base-page',
|
||||
'class' => 'phabricator-standard-page',
|
||||
),
|
||||
$developer_warning.
|
||||
$setup_warning.
|
||||
$header_chrome.
|
||||
hsprintf(
|
||||
'%s%s%s'.
|
||||
'<div class="phabricator-standard-page-body">'.
|
||||
($console ? '<darkconsole />' : null).
|
||||
parent::getBody().
|
||||
'<div style="clear: both;"></div>'.
|
||||
'</div>');
|
||||
'%s%s<div style="clear: both;"></div>'.
|
||||
'</div>',
|
||||
$developer_warning,
|
||||
$setup_warning,
|
||||
$header_chrome,
|
||||
($console ? hsprintf('<darkconsole />') : null),
|
||||
parent::getBody()));
|
||||
}
|
||||
|
||||
protected function getTail() {
|
||||
|
@ -350,7 +349,7 @@ final class PhabricatorStandardPageView extends PhabricatorBarePageView {
|
|||
$response->renderHTMLFooter(),
|
||||
);
|
||||
|
||||
return implode("\n", $tail);
|
||||
return phutil_implode_html("\n", $tail);
|
||||
}
|
||||
|
||||
protected function getBodyClasses() {
|
||||
|
|
Loading…
Reference in a new issue