Skip to content
Snippets Groups Projects
Select Git revision
  • 5.4
  • 4.4
  • 6.1 default protected
  • 6.0
  • 5.3
  • 3.4
  • 5.2
  • 5.1
  • 5.0
  • 4.3
  • 4.2
  • 2.8
  • 4.1
  • 2.7
  • 4.0
  • 3.3
  • 3.2
  • 3.1
  • 3.0
  • 2.3
  • v6.0.6
  • v5.4.6
  • v4.4.39
  • v5.3.16
  • v6.0.5
  • v5.4.5
  • v4.4.38
  • v6.0.4
  • v5.4.4
  • v5.3.15
  • v6.0.3
  • v5.4.3
  • v5.3.14
  • v4.4.37
  • v6.0.2
  • v5.4.2
  • v5.3.13
  • v4.4.36
  • v6.0.1
  • v5.4.1
40 results

symfony

  • Clone with SSH
  • Clone with HTTPS
  • user avatar
    Nicolas Grekas authored
    This PR was merged into the 2.7 branch.
    
    Discussion
    ----------
    
    [Debug] Missing escape in debug output
    
    | Q             | A
    | ------------- | ---
    | Branch?       | 2.7
    | Bug fix?      | yes
    | New feature?  | no
    | BC breaks?    | no
    | Deprecations? | no
    | Tests pass?   | yes
    | Fixed tickets |
    | License       | MIT
    | Doc PR        |
    
    When pretty-printing an exception, the debug handler does not properly escape array keys.
    
    The problem only occurs when debug output is enabled, so this is not considered a [security issue](http://symfony.com/doc/current/contributing/code/security.html) (according to @fabpot), because the debug tools [should not be used in production](https://symfony.com/doc/current/components/debug.html#usage).
    
    A test for this is included in my patch for #18722.
    
    Commits
    -------
    
    636777dc [Debug] HTML-escape array key
    50b56967
    History

    Symfony is a PHP framework for web applications and a set of reusable PHP components. Symfony is used by thousands of web applications (including BlaBlaCar.com and Spotify.com) and most of the popular PHP projects (including Drupal and Magento).

    Installation

    Documentation

    Community

    Contributing

    Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.

    Security Issues

    If you discover a security vulnerability within Symfony, please follow our disclosure procedure.

    About Us

    Symfony development is sponsored by SensioLabs, led by the Symfony Core Team and supported by Symfony contributors.