diff --git a/src/aphront/console/plugin/DarkConsoleErrorLogPlugin.php b/src/aphront/console/plugin/DarkConsoleErrorLogPlugin.php index 98df6d113c..bf45706e84 100644 --- a/src/aphront/console/plugin/DarkConsoleErrorLogPlugin.php +++ b/src/aphront/console/plugin/DarkConsoleErrorLogPlugin.php @@ -50,11 +50,11 @@ final class DarkConsoleErrorLogPlugin extends DarkConsolePlugin { $row['str'].' at ['.basename($file).':'.$line.']'); $rows[] = array($tag); - $details .= - '
'. - phutil_escape_html($row['details'])."\n". - 'Stack trace:'."\n"; + $details .= hsprintf( + '
'. + "%s\nStack trace:\n", + $index, + $row['details']); foreach ($row['trace'] as $key => $entry) { $line = ''; diff --git a/src/applications/auth/controller/PhabricatorLoginController.php b/src/applications/auth/controller/PhabricatorLoginController.php index 1ad981cf65..5a39d52372 100644 --- a/src/applications/auth/controller/PhabricatorLoginController.php +++ b/src/applications/auth/controller/PhabricatorLoginController.php @@ -247,8 +247,7 @@ final class PhabricatorLoginController $title = pht("Login or Register with %s", $provider_name); $body = pht('Login or register for Phabricator using your %s account.', $provider_name); - $button = pht("Login or Register with %s", - phutil_escape_html($provider_name)); + $button = pht("Login or Register with %s", $provider_name); } else { $title = pht("Login with %s", $provider_name); $body = hsprintf( @@ -259,7 +258,7 @@ final class PhabricatorLoginController pht( 'You can not use %s to register a new account.', $provider_name)); - $button = pht("Log in with %s", phutil_escape_html($provider_name)); + $button = pht("Log in with %s", $provider_name); } $auth_form = new AphrontFormView(); diff --git a/src/applications/calendar/controller/PhabricatorCalendarViewStatusController.php b/src/applications/calendar/controller/PhabricatorCalendarViewStatusController.php index 9f96fd070a..6a7913e182 100644 --- a/src/applications/calendar/controller/PhabricatorCalendarViewStatusController.php +++ b/src/applications/calendar/controller/PhabricatorCalendarViewStatusController.php @@ -94,7 +94,7 @@ final class PhabricatorCalendarViewStatusController } else { $no_data = pht('%s does not have any upcoming status events.', - phutil_escape_html($this->getHandle($this->phid)->getName())); + $this->getHandle($this->phid)->getName()); } return $no_data; } @@ -115,7 +115,7 @@ final class PhabricatorCalendarViewStatusController } else { $page_title = pht( 'Upcoming Statuses for %s', - phutil_escape_html($this->getHandle($this->phid)->getName()) + $this->getHandle($this->phid)->getName() ); } return $page_title; diff --git a/src/applications/calendar/view/AphrontCalendarMonthView.php b/src/applications/calendar/view/AphrontCalendarMonthView.php index 3367c01d88..c482204405 100644 --- a/src/applications/calendar/view/AphrontCalendarMonthView.php +++ b/src/applications/calendar/view/AphrontCalendarMonthView.php @@ -100,11 +100,14 @@ final class AphrontCalendarMonthView extends AphrontView { $holiday_markup = null; if ($holiday) { - $name = phutil_escape_html($holiday->getName()); - $holiday_markup = - '
'. - $name. - '
'; + $name = $holiday->getName(); + $holiday_markup = phutil_tag( + 'div', + array( + 'class' => 'aphront-calendar-holiday', + 'title' => $name, + ), + $name); } $markup[] = diff --git a/src/applications/conpherence/storage/ConpherenceTransaction.php b/src/applications/conpherence/storage/ConpherenceTransaction.php index 64afcf9157..b2ff0f97c0 100644 --- a/src/applications/conpherence/storage/ConpherenceTransaction.php +++ b/src/applications/conpherence/storage/ConpherenceTransaction.php @@ -50,18 +50,18 @@ final class ConpherenceTransaction extends PhabricatorApplicationTransaction { $title = pht( '%s renamed this conpherence from "%s" to "%s".', $this->renderHandleLink($author_phid), - phutil_escape_html($old), - phutil_escape_html($new)); + $old, + $new); } else if ($old) { $title = pht( '%s deleted the conpherence name "%s".', $this->renderHandleLink($author_phid), - phutil_escape_html($old)); + $old); } else { $title = pht( '%s named this conpherence "%s".', $this->renderHandleLink($author_phid), - phutil_escape_html($new)); + $new); } return $title; case ConpherenceTransactionType::TYPE_FILES: diff --git a/src/applications/differential/field/specification/DifferentialReviewersFieldSpecification.php b/src/applications/differential/field/specification/DifferentialReviewersFieldSpecification.php index 79405a4718..de6a89f05a 100644 --- a/src/applications/differential/field/specification/DifferentialReviewersFieldSpecification.php +++ b/src/applications/differential/field/specification/DifferentialReviewersFieldSpecification.php @@ -143,8 +143,7 @@ final class DifferentialReviewersFieldSpecification if ($other_reviewers) { $names = array(); foreach ($other_reviewers as $reviewer => $_) { - $names[] = phutil_escape_html( - $this->getHandle($reviewer)->getLinkName()); + $names[] = $this->getHandle($reviewer)->getLinkName(); } $suffix = javelin_tag( 'abbr', diff --git a/src/applications/differential/view/DifferentialDiffTableOfContentsView.php b/src/applications/differential/view/DifferentialDiffTableOfContentsView.php index cd30fa0c90..fc980608c4 100644 --- a/src/applications/differential/view/DifferentialDiffTableOfContentsView.php +++ b/src/applications/differential/view/DifferentialDiffTableOfContentsView.php @@ -94,22 +94,20 @@ final class DifferentialDiffTableOfContentsView extends AphrontView { $meta[] = pht('Copied to multiple locations:'); } foreach ($away as $path) { - $meta[] = phutil_escape_html($path); + $meta[] = $path; } - $meta = implode('
', $meta); + $meta = phutil_implode_html(phutil_tag('br'), $meta); } else { if ($type == DifferentialChangeType::TYPE_MOVE_AWAY) { - $meta = pht('Moved to %s', phutil_escape_html(reset($away))); + $meta = pht('Moved to %s', reset($away)); } else { - $meta = pht('Copied to %s', phutil_escape_html(reset($away))); + $meta = pht('Copied to %s', reset($away)); } } } else if ($type == DifferentialChangeType::TYPE_MOVE_HERE) { - $meta = pht('Moved from %s', - phutil_escape_html($changeset->getOldFile())); + $meta = pht('Moved from %s', $changeset->getOldFile()); } else if ($type == DifferentialChangeType::TYPE_COPY_HERE) { - $meta = pht('Copied from %s', - phutil_escape_html($changeset->getOldFile())); + $meta = pht('Copied from %s', $changeset->getOldFile()); } else { $meta = null; } @@ -162,11 +160,12 @@ final class DifferentialDiffTableOfContentsView extends AphrontView { ''.$mcov.''. ''; if ($meta) { - $rows[] = + $rows[] = hsprintf( ''. ''. - ''.$meta.''. - ''; + '%s'. + '', + $meta); } if ($this->diff && $this->repository) { $paths[] = diff --git a/src/applications/differential/view/DifferentialRevisionCommentView.php b/src/applications/differential/view/DifferentialRevisionCommentView.php index 251c6d12fd..3f6a46bba0 100644 --- a/src/applications/differential/view/DifferentialRevisionCommentView.php +++ b/src/applications/differential/view/DifferentialRevisionCommentView.php @@ -116,19 +116,22 @@ final class DifferentialRevisionCommentView extends AphrontView { array()); $verb = DifferentialAction::getActionPastTenseVerb($comment->getAction()); - $verb = phutil_escape_html($verb); $actions = array(); // TODO: i18n switch ($comment->getAction()) { case DifferentialAction::ACTION_ADDCCS: - $actions[] = "{$author_link} added CCs: ". - $this->renderHandleList($added_ccs)."."; + $actions[] = hsprintf( + "%s added CCs: %s.", + $author_link, + $this->renderHandleList($added_ccs)); $added_ccs = null; break; case DifferentialAction::ACTION_ADDREVIEWERS: - $actions[] = "{$author_link} added reviewers: ". - $this->renderHandleList($added_reviewers)."."; + $actions[] = hsprintf( + "%s added reviewers: %s.", + $author_link, + $this->renderHandleList($added_reviewers)); $added_reviewers = null; break; case DifferentialAction::ACTION_UPDATE: @@ -140,33 +143,48 @@ final class DifferentialRevisionCommentView extends AphrontView { 'href' => '/D'.$comment->getRevisionID().'?id='.$diff_id, ), 'Diff #'.$diff_id); - $actions[] = "{$author_link} updated this revision to {$diff_link}."; + $actions[] = hsprintf( + "%s updated this revision to %s.", + $author_link, + $diff_link); } else { - $actions[] = "{$author_link} {$verb} this revision."; + $actions[] = hsprintf( + "%s %s this revision.", + $author_link, + $verb); } break; default: - $actions[] = "{$author_link} {$verb} this revision."; + $actions[] = hsprintf( + "%s %s this revision.", + $author_link, + $verb); break; } if ($added_reviewers) { - $actions[] = "{$author_link} added reviewers: ". - $this->renderHandleList($added_reviewers)."."; + $actions[] = hsprintf( + "%s added reviewers: %s.", + $author_link, + $this->renderHandleList($added_reviewers)); } if ($removed_reviewers) { - $actions[] = "{$author_link} removed reviewers: ". - $this->renderHandleList($removed_reviewers)."."; + $actions[] = hsprintf( + "%s removed reviewers: %s.", + $author_link, + $this->renderHandleList($removed_reviewers)); } if ($added_ccs) { - $actions[] = "{$author_link} added CCs: ". - $this->renderHandleList($added_ccs)."."; + $actions[] = hsprintf( + "%s added CCs: %s.", + $author_link, + $this->renderHandleList($added_ccs)); } foreach ($actions as $key => $action) { - $actions[$key] = '
'.$action.'
'; + $actions[$key] = phutil_tag('div', array(), $action); } $xaction_view = id(new PhabricatorTransactionView()) @@ -205,7 +223,7 @@ final class DifferentialRevisionCommentView extends AphrontView { foreach ($phids as $phid) { $result[] = $this->handles[$phid]->renderLink(); } - return implode(', ', $result); + return phutil_implode_html(', ', $result); } private function renderInlineComments() { diff --git a/src/applications/diffusion/view/DiffusionCommentView.php b/src/applications/diffusion/view/DiffusionCommentView.php index 1b37302b34..bdd2257a73 100644 --- a/src/applications/diffusion/view/DiffusionCommentView.php +++ b/src/applications/diffusion/view/DiffusionCommentView.php @@ -114,17 +114,19 @@ final class DiffusionCommentView extends AphrontView { $actions = array(); if ($action == PhabricatorAuditActionConstants::ADD_CCS) { $rendered_ccs = $this->renderHandleList($added_ccs); - $actions[] = "{$author_link} added CCs: {$rendered_ccs}."; + $actions[] = hsprintf("%s added CCs: %s.", $author_link, $rendered_ccs); } else if ($action == PhabricatorAuditActionConstants::ADD_AUDITORS) { $rendered_auditors = $this->renderHandleList($added_auditors); - $actions[] = "{$author_link} added auditors: ". - "{$rendered_auditors}."; + $actions[] = hsprintf( + "%s added auditors: %s.", + $author_link, + $rendered_auditors); } else { - $actions[] = "{$author_link} ".phutil_escape_html($verb)." this commit."; + $actions[] = hsprintf("%s %s this commit.", $author_link, $verb); } foreach ($actions as $key => $action) { - $actions[$key] = '
'.$action.'
'; + $actions[$key] = phutil_tag('div', array(), $action); } return $actions; @@ -186,7 +188,7 @@ final class DiffusionCommentView extends AphrontView { foreach ($phids as $phid) { $result[] = $this->handles[$phid]->renderLink(); } - return implode(', ', $result); + return phutil_implode_html(', ', $result); } private function renderClasses() { diff --git a/src/applications/feed/story/PhabricatorFeedStoryCommit.php b/src/applications/feed/story/PhabricatorFeedStoryCommit.php index 0e2030cbf3..57989e200c 100644 --- a/src/applications/feed/story/PhabricatorFeedStoryCommit.php +++ b/src/applications/feed/story/PhabricatorFeedStoryCommit.php @@ -19,14 +19,14 @@ final class PhabricatorFeedStoryCommit extends PhabricatorFeedStory { if ($data->getValue('authorPHID')) { $author = $this->linkTo($data->getValue('authorPHID')); } else { - $author = phutil_escape_html($data->getValue('authorName')); + $author = $data->getValue('authorName'); } $committer = null; if ($data->getValue('committerPHID')) { $committer = $this->linkTo($data->getValue('committerPHID')); } else if ($data->getValue('committerName')) { - $committer = phutil_escape_html($data->getValue('committerName')); + $committer = $data->getValue('committerName'); } $commit = $this->linkTo($data->getValue('commitPHID')); @@ -37,9 +37,16 @@ final class PhabricatorFeedStoryCommit extends PhabricatorFeedStory { } if ($author) { - $title = "{$committer} committed {$commit} (authored by {$author})"; + $title = hsprintf( + "%s committed %s (authored by %s)", + $committer, + $commit, + $author); } else { - $title = "{$committer} committed {$commit}"; + $title = hsprintf( + "%s committed %s", + $committer, + $commit); } $view = new PhabricatorFeedStoryView(); diff --git a/src/applications/flag/events/PhabricatorFlagsUIEventListener.php b/src/applications/flag/events/PhabricatorFlagsUIEventListener.php index 1ec6e7f1c0..13ba11321b 100644 --- a/src/applications/flag/events/PhabricatorFlagsUIEventListener.php +++ b/src/applications/flag/events/PhabricatorFlagsUIEventListener.php @@ -31,7 +31,7 @@ final class PhabricatorFlagsUIEventListener extends PhutilEventListener { $flag_action = id(new PhabricatorActionView()) ->setWorkflow(true) ->setHref('/flag/delete/'.$flag->getID().'/') - ->setName(phutil_escape_html('Remove '.$color.' Flag')) + ->setName('Remove '.$color.' Flag') ->setIcon('flag-'.$flag->getColor()); } else { $flag_action = id(new PhabricatorActionView()) diff --git a/src/applications/macro/storage/PhabricatorMacroTransaction.php b/src/applications/macro/storage/PhabricatorMacroTransaction.php index 5711d7899e..bd0ac70c49 100644 --- a/src/applications/macro/storage/PhabricatorMacroTransaction.php +++ b/src/applications/macro/storage/PhabricatorMacroTransaction.php @@ -64,8 +64,8 @@ final class PhabricatorMacroTransaction return pht( '%s renamed this macro from "%s" to "%s".', $this->renderHandleLink($author_phid), - phutil_escape_html($old), - phutil_escape_html($new)); + $old, + $new); break; case PhabricatorMacroTransactionType::TYPE_DISABLED: if ($new) { @@ -109,8 +109,8 @@ final class PhabricatorMacroTransaction '%s renamed %s from "%s" to "%s".', $this->renderHandleLink($author_phid), $this->renderHandleLink($object_phid), - phutil_escape_html($old), - phutil_escape_html($new)); + $old, + $new); case PhabricatorMacroTransactionType::TYPE_DISABLED: if ($new) { return pht( diff --git a/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldDefaultSpecification.php b/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldDefaultSpecification.php index b393a6e1de..67abdf407d 100644 --- a/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldDefaultSpecification.php +++ b/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldDefaultSpecification.php @@ -152,13 +152,13 @@ class ManiphestAuxiliaryFieldDefaultSpecification switch ($this->getFieldType()) { case self::TYPE_BOOL: if ($this->getValue()) { - return phutil_escape_html($this->getCheckboxValue()); + return $this->getCheckboxValue(); } else { return null; } case self::TYPE_SELECT: $display = idx($this->getSelectOptions(), $this->getValue()); - return phutil_escape_html($display); + return $display; } return parent::renderForDetailView(); } diff --git a/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldSpecification.php b/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldSpecification.php index fba027e838..216227194d 100644 --- a/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldSpecification.php +++ b/src/applications/maniphest/auxiliaryfield/ManiphestAuxiliaryFieldSpecification.php @@ -71,7 +71,7 @@ abstract class ManiphestAuxiliaryFieldSpecification { } public function renderForDetailView() { - return phutil_escape_html($this->getValue()); + return $this->getValue(); } diff --git a/src/applications/paste/controller/PhabricatorPasteListController.php b/src/applications/paste/controller/PhabricatorPasteListController.php index def6cc8f66..7d22d6fd62 100644 --- a/src/applications/paste/controller/PhabricatorPasteListController.php +++ b/src/applications/paste/controller/PhabricatorPasteListController.php @@ -109,7 +109,7 @@ final class PhabricatorPasteListController extends PhabricatorPasteController { $lang_name = $paste->getLanguage(); if ($lang_name) { $lang_name = idx($lang_map, $lang_name, $lang_name); - $item->addIcon('none', phutil_escape_html($lang_name)); + $item->addIcon('none', $lang_name); } $list->addItem($item); diff --git a/src/applications/pholio/storage/PholioTransaction.php b/src/applications/pholio/storage/PholioTransaction.php index 55a5ab7ba6..ece88cbdd5 100644 --- a/src/applications/pholio/storage/PholioTransaction.php +++ b/src/applications/pholio/storage/PholioTransaction.php @@ -44,15 +44,15 @@ final class PholioTransaction extends PhabricatorApplicationTransaction { return pht( '%s renamed this mock from "%s" to "%s".', $this->renderHandleLink($author_phid), - phutil_escape_html($old), - phutil_escape_html($new)); + $old, + $new); break; case PholioTransactionType::TYPE_DESCRIPTION: return pht( '%s updated the description of this mock. '. 'The old description was: %s', $this->renderHandleLink($author_phid), - phutil_escape_html($old)); + $old); } return parent::getTitle(); diff --git a/src/applications/phpast/controller/PhabricatorXHPASTViewInputController.php b/src/applications/phpast/controller/PhabricatorXHPASTViewInputController.php index 0d90598190..48ba6afc33 100644 --- a/src/applications/phpast/controller/PhabricatorXHPASTViewInputController.php +++ b/src/applications/phpast/controller/PhabricatorXHPASTViewInputController.php @@ -5,7 +5,6 @@ final class PhabricatorXHPASTViewInputController public function processRequest() { $input = $this->getStorageTree()->getInput(); - return $this->buildXHPASTViewPanelResponse( - phutil_escape_html($input)); + return $this->buildXHPASTViewPanelResponse($input); } } diff --git a/src/applications/phpast/controller/PhabricatorXHPASTViewPanelController.php b/src/applications/phpast/controller/PhabricatorXHPASTViewPanelController.php index b4494eb44e..0e43c418f1 100644 --- a/src/applications/phpast/controller/PhabricatorXHPASTViewPanelController.php +++ b/src/applications/phpast/controller/PhabricatorXHPASTViewPanelController.php @@ -20,7 +20,7 @@ abstract class PhabricatorXHPASTViewPanelController } protected function buildXHPASTViewPanelResponse($content) { - $content = + $content = hsprintf( ''. ''. ''. @@ -57,10 +57,9 @@ li span { '. ''. - ''. - $content. - ''. - ''; + '%s'. + '', + $content); $response = new AphrontWebpageResponse(); $response->setFrameable(true); diff --git a/src/applications/phpast/controller/PhabricatorXHPASTViewStreamController.php b/src/applications/phpast/controller/PhabricatorXHPASTViewStreamController.php index bf7c620be9..4931ab29e3 100644 --- a/src/applications/phpast/controller/PhabricatorXHPASTViewStreamController.php +++ b/src/applications/phpast/controller/PhabricatorXHPASTViewStreamController.php @@ -27,6 +27,7 @@ final class PhabricatorXHPASTViewStreamController $token->getValue()); } - return $this->buildXHPASTViewPanelResponse(implode('', $tokens)); + return $this->buildXHPASTViewPanelResponse( + phutil_implode_html('', $tokens)); } } diff --git a/src/applications/phpast/controller/PhabricatorXHPASTViewTreeController.php b/src/applications/phpast/controller/PhabricatorXHPASTViewTreeController.php index 5b7673386e..b332784e92 100644 --- a/src/applications/phpast/controller/PhabricatorXHPASTViewTreeController.php +++ b/src/applications/phpast/controller/PhabricatorXHPASTViewTreeController.php @@ -12,7 +12,7 @@ final class PhabricatorXHPASTViewTreeController $input, array(0, $stdout, '')); - $tree = ''; + $tree = phutil_tag('ul', array(), $this->buildTree($tree->getRootNode())); return $this->buildXHPASTViewPanelResponse($tree); } @@ -27,19 +27,19 @@ final class PhabricatorXHPASTViewTreeController } $tree = array(); - $tree[] = - '
  • '. - phutil_tag( - 'span', - array( - 'title' => $title, - ), - $name). - '
  • '; + $tree[] = phutil_tag( + 'li', + array(), + phutil_tag( + 'span', + array( + 'title' => $title, + ), + $name)); foreach ($root->getChildren() as $child) { - $tree[] = ''; + $tree[] = phutil_tag('ul', array(), $this->buildTree($child)); } - return implode("\n", $tree); + return phutil_implode_html("\n", $tree); } } diff --git a/src/applications/policy/filter/PhabricatorPolicy.php b/src/applications/policy/filter/PhabricatorPolicy.php index 305cae4cd1..8f8d1120f8 100644 --- a/src/applications/policy/filter/PhabricatorPolicy.php +++ b/src/applications/policy/filter/PhabricatorPolicy.php @@ -84,7 +84,7 @@ final class PhabricatorPolicy { ), $this->getName()); } else { - $desc = phutil_escape_html($this->getName()); + $desc = $this->getName(); } switch ($this->getType()) { diff --git a/src/applications/subscriptions/events/PhabricatorSubscriptionsUIEventListener.php b/src/applications/subscriptions/events/PhabricatorSubscriptionsUIEventListener.php index 3a3c7deb3a..93e5144ae0 100644 --- a/src/applications/subscriptions/events/PhabricatorSubscriptionsUIEventListener.php +++ b/src/applications/subscriptions/events/PhabricatorSubscriptionsUIEventListener.php @@ -36,7 +36,7 @@ final class PhabricatorSubscriptionsUIEventListener ->setDisabled(true) ->setRenderAsForm(true) ->setHref('/subscriptions/add/'.$object->getPHID().'/') - ->setName(phutil_escape_html('Automatically Subscribed')) + ->setName('Automatically Subscribed') ->setIcon('subscribe-auto'); } else { $subscribed = false; @@ -59,7 +59,7 @@ final class PhabricatorSubscriptionsUIEventListener ->setWorkflow(true) ->setRenderAsForm(true) ->setHref('/subscriptions/delete/'.$object->getPHID().'/') - ->setName(phutil_escape_html('Unsubscribe')) + ->setName('Unsubscribe') ->setIcon('subscribe-delete'); } else { $sub_action = id(new PhabricatorActionView()) @@ -67,7 +67,7 @@ final class PhabricatorSubscriptionsUIEventListener ->setWorkflow(true) ->setRenderAsForm(true) ->setHref('/subscriptions/add/'.$object->getPHID().'/') - ->setName(phutil_escape_html('Subscribe')) + ->setName('Subscribe') ->setIcon('subscribe-add'); } diff --git a/src/applications/transactions/storage/PhabricatorApplicationTransaction.php b/src/applications/transactions/storage/PhabricatorApplicationTransaction.php index 00bbde7e3d..6494929c15 100644 --- a/src/applications/transactions/storage/PhabricatorApplicationTransaction.php +++ b/src/applications/transactions/storage/PhabricatorApplicationTransaction.php @@ -134,7 +134,7 @@ abstract class PhabricatorApplicationTransaction if ($this->renderingTarget == self::TARGET_HTML) { return $this->getHandle($phid)->renderLink(); } else { - return $this->getHandle($phid)->getName(); + return hsprintf('%s', $this->getHandle($phid)->getName()); } } @@ -143,7 +143,7 @@ abstract class PhabricatorApplicationTransaction foreach ($phids as $phid) { $links[] = $this->renderHandleLink($phid); } - return phutil_safe_html(implode(', ', $links)); + return phutil_implode_html(', ', $links); } public function getIcon() { @@ -218,16 +218,16 @@ abstract class PhabricatorApplicationTransaction '%s changed the visibility of this %s from "%s" to "%s".', $this->renderHandleLink($author_phid), $this->getApplicationObjectTypeName(), - phutil_escape_html($old), - phutil_escape_html($new)); + $old, + $new); case PhabricatorTransactions::TYPE_EDIT_POLICY: // TODO: Render human-readable. return pht( '%s changed the edit policy of this %s from "%s" to "%s".', $this->renderHandleLink($author_phid), $this->getApplicationObjectTypeName(), - phutil_escape_html($old), - phutil_escape_html($new)); + $old, + $new); case PhabricatorTransactions::TYPE_SUBSCRIBERS: $add = array_diff($new, $old); $rem = array_diff($old, $new); diff --git a/src/view/layout/PhabricatorSourceCodeView.php b/src/view/layout/PhabricatorSourceCodeView.php index 790ea663d3..166c951b36 100644 --- a/src/view/layout/PhabricatorSourceCodeView.php +++ b/src/view/layout/PhabricatorSourceCodeView.php @@ -38,7 +38,7 @@ final class PhabricatorSourceCodeView extends AphrontView { ), pht('...')); } else { - $content_number = phutil_escape_html($line_number); + $content_number = $line_number; $content_line = "\xE2\x80\x8B".$line; }