fix(security): add csrf filter + prevent xss attacks by escaping user input

- update CI4 to v4.1.9's stable production package
- update php and js dependencies to latest
Yassine Doghri 2022-03-04 14:33:48 +00:00
commit cd2e1e1dc3
182 changed files with 4410 additions and 4214 deletions


@ -228,10 +228,10 @@ class ComponentRenderer
if (! file_exists($filePath)) {
return null;
}
$className = service('locator')
->getClassname($filePath);
/** @phpstan-ignore-next-line */
if (! class_exists($className)) {
return null;
}
@ -247,7 +247,6 @@ class ComponentRenderer
private function renderView(string $view, array $data): string
{
return (function (string $view, $data): string {
/** @phpstan-ignore-next-line */
extract($data);
ob_start();
eval('?>' . file_get_contents($view));
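Review bot: In the closure inside `renderView`, `extract($data)` runs while the closure's own `$view` parameter is in scope and before `file_get_contents($view)` is evaluated, so with extract()'s default overwrite behaviour a `view` key in `$data` would replace the path whose contents are then passed to `eval`. Where `$data` originates is not visible in this hunk, but if it can carry component attributes or other caller-supplied keys, a commit aimed at input handling should close this off too. Changing the call to `extract($data, EXTR_SKIP);` keeps `$view` and `$data` from being clobbered; reading the file into a local before calling `extract` would also work. The closure body continues past the end of this hunk, so the output-buffer handling after the `eval` could not be checked here.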