Page MenuHomeDevCentral
Differential D3782

Don't call get_url from templates
ClosedPublic
Actions

Authored by dereckson on Sun, Oct 19, 23:19.

Details

Reviewers
dereckson
Commits
rOBSIDIAN1148d4ac4dce: Don't call get_url from templates
Summary

To avoid arbitrary execution of PHP code inside Smarty,
move the responsibility to call get_url() from the template
to the relevant controller code.

Diff Detail

Repository
rOBSIDIAN Obsidian Workspaces
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dereckson requested review of this revision.Sun, Oct 19, 23:19
dereckson created this revision.
Harbormaster completed remote builds in B6054: Diff 9796.Sun, Oct 19, 23:19
dereckson planned changes to this revision.Sun, Oct 19, 23:21
dereckson added inline comments.
workspaces/src/controllers/errorpage.php
61 ↗(On Diff #9796)

Already defined line 56.

dereckson updated this revision to Diff 9797.Sun, Oct 19, 23:22

Use already defined URL_HOME in 404

Harbormaster completed remote builds in B6055: Diff 9797.Sun, Oct 19, 23:22
dereckson updated this revision to Diff 9798.Sun, Oct 19, 23:23

-root_url too

Harbormaster completed remote builds in B6056: Diff 9798.Sun, Oct 19, 23:23
dereckson accepted this revision.Sun, Oct 19, 23:26
This revision is now accepted and ready to land.Sun, Oct 19, 23:26
Closed by commit rOBSIDIAN1148d4ac4dce: Don't call get_url from templates (authored by dereckson). · Explain WhySun, Oct 19, 23:26
This revision was automatically updated to reflect the committed changes.
dereckson added a commit: rOBSIDIAN1148d4ac4dce: Don't call get_url from templates.

Revision Contents
Changeset List

PathSize
workspaces/
src/
apps/
documents/
4 lines
content/
help/
2 lines
controllers/
6 lines
1 line
skins/
bluegray/
apps/
documents/
4 lines
errors/
2 lines
8 lines
12 lines
10 lines

Diff 9799

View Options

workspaces/src/apps/documents/DocumentsApplication.php

Loading...
View Options

workspaces/src/content/help/credits.html

Loading...
View Options

workspaces/src/controllers/header.php

Loading...
View Options

workspaces/src/controllers/help.php

Loading...
View Options

workspaces/src/skins/bluegray/apps/documents/documents_list.tpl

Loading...
View Options

workspaces/src/skins/bluegray/errors/404.tpl

Loading...
View Options

workspaces/src/skins/bluegray/header.tpl

Loading...
View Options

workspaces/src/skins/bluegray/nav_help.tpl

Loading...
View Options

workspaces/src/skins/bluegray/nav_main.tpl

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator