PHRAS-3800_xss (#4219)

* add encode option to record::get_title ; render preview.record_title in twig

* html-escape facet values
jygaulier
2023-03-15 11:05:34 +01:00
committed by GitHub
parent 32ff2739ab
commit e7027c7220
31 changed files with 241 additions and 158 deletions


@@ -14,6 +14,7 @@ use Alchemy\Phrasea\Controller\Controller;
use Alchemy\Phrasea\Controller\RecordsRequest;
use Alchemy\Phrasea\Helper\Record as RecordHelper;
use Alchemy\Phrasea\Out\Module\PDFRecords;
use record_adapter;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
@@ -43,7 +44,7 @@ class PrinterController extends Controller
$r = RecordsRequest::fromRequest($this->app, $request, false);
if ($r->isSingleStory()) {
$pdfTitle = $r->singleStory()->get_title();
$pdfTitle = $r->singleStory()->get_title(['encode'=> record_adapter::ENCODE_NONE]);
$storyId = $r->singleStory()->getId();
}