github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
authordiosmosis <diosmosis@users.noreply.github.com>2018-12-09 02:10:41 +0300
committerGitHub <noreply@github.com>2018-12-09 02:10:41 +0300
commit11fefdf6721f7143992ca48739c4ec4e5c9de208 (patch)
tree00b85d2da7cfbe20374fbfdea56e990b00fc5a15 /plugins/CorePluginsAdmin
parentcf7d63625f565da0fc651439a911cb46cc29c08d (diff)
Use angular to sanitize plugin description. (#13714)
* Use angular to sanitize plugin description. * Fix broken homepage link; no longer allow HTML in plugin description.
Diffstat (limited to 'plugins/CorePluginsAdmin')
-rw-r--r--plugins/CorePluginsAdmin/Controller.php5
-rw-r--r--plugins/CorePluginsAdmin/templates/macros.twig4
2 files changed, 4 insertions, 5 deletions
diff --git a/plugins/CorePluginsAdmin/Controller.php b/plugins/CorePluginsAdmin/Controller.php
index ba0cee89ff..9a1af61163 100644
--- a/plugins/CorePluginsAdmin/Controller.php
+++ b/plugins/CorePluginsAdmin/Controller.php
@@ -304,10 +304,9 @@ class Controller extends Plugin\ControllerAdmin
. '</strong><br/>'
. $suffix;
} else {
- $description = '<strong>'
- . $this->translator->translate('CorePluginsAdmin_PluginNotFound',
+ $description = $this->translator->translate('CorePluginsAdmin_PluginNotFound',
array($pluginName))
- . '</strong><br/>'
+ . "\n"
. $this->translator->translate('CorePluginsAdmin_PluginNotFoundAlternative');
}
$plugin['info'] = array(
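Review bot: The branch just above the `else` still ends with `. '</strong><br/>' . $suffix;`, so it keeps building an HTML description while this branch now returns plain text with `"\n"`. The same commit drops `|raw` in macros.twig, so that markup will presumably be escaped and shown as literal `<strong>`/`<br/>` text, assuming the template is autoescaped. That branch starts outside the hunk, so its opening `'<strong>'` is inferred rather than visible. Converting it the same way (drop the `<strong>` wrapper and use `. "\n"` before `$suffix`) would keep both messages consistent. A short comment such as `// plain text only: the template escapes this value and applies nl2br` would stop HTML being reintroduced later.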
diff --git a/plugins/CorePluginsAdmin/templates/macros.twig b/plugins/CorePluginsAdmin/templates/macros.twig
index 0e4d358a2b..ad0f4bb2ac 100644
--- a/plugins/CorePluginsAdmin/templates/macros.twig
+++ b/plugins/CorePluginsAdmin/templates/macros.twig
@@ -141,7 +141,7 @@
</div>
<div class="plugin-desc-text">
- {{ plugin.info.description|raw|nl2br }}
+ {{ plugin.info.description|nl2br }}
{% if plugin.info.homepage|default is not empty and plugin.info.homepage not in [
'http://piwik.org', 'http://www.piwik.org', 'http://piwik.org/', 'http://www.piwik.org/',
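Review bot: With `|raw` removed, the escaping of `plugin.info.description` depends entirely on Twig autoescaping being active for this macro file, which is not visible from this hunk. The value comes from plugin metadata, so it is worth making the escaping explicit, as the homepage link in the same commit does: `{{ plugin.info.description|e('html')|nl2br }}`. The commit title mentions Angular sanitisation, but this line relies on Twig. A one-line template comment such as `{# description is untrusted plugin metadata: escaped, newlines only #}` would record the intent.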
@@ -150,7 +150,7 @@
'https://matomo.org', 'https://www.matomo.org', 'https://matomo.org/', 'https://www.matomo.org/'
] %}
<span class="plugin-homepage">
- <a target="_blank" rel="noreferrer noopener" href="{{ plugin.info.homepage }}">({{ 'CorePluginsAdmin_PluginHomepage'|translate|replace({' ': '&nbsp;'})|raw }})</a>
+ <a target="_blank" rel="noreferrer noopener" href="{{ plugin.info.homepage|e('html_attr') }}">({{ 'CorePluginsAdmin_PluginHomepage'|translate|replace({' ': '&nbsp;'})|raw }})</a>
</span>
{% endif %}
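Review bot: The `e('html_attr')` filter on the `href` prevents attribute breakout but does not restrict the URL scheme, so a `plugin.info.homepage` value from plugin metadata that is not http(s) would still be rendered as a clickable link. The `not in [...]` list in the enclosing `{% if %}`, which opens in the previous hunk, only filters out the default project URLs and is not an allowlist. Consider adding a scheme check to that condition, e.g. `and plugin.info.homepage matches '{^https?://}i'`. Alternatively, validate the scheme in the controller before the value reaches the template.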