mirror/UNIT3D-Community-Edition
1
0
Fork 0
mirror of https://github.com/HDInnovations/UNIT3D-Community-Edition.git synced 2026-04-23 19:50:40 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: swap order of xss cleaning and bbcode parsing in bbcode preview

Browse Source 
Follow up to #3497. Had it the wrong way around. We fixed XSS, but broke BBCode.
This commit is contained in:
Roardom
2024-02-08 14:42:36 +00:00
parent b823ade1b3
commit d44eb43c7c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Livewire/BbcodeInput.php
+1 -1
View File
@@ -42,7 +42,7 @@ class BbcodeInput extends Component
final public function updatedIsPreviewEnabled(): void
{
if ($this->isPreviewEnabled) {
$this->contentHtml = htmlspecialchars((new AntiXSS())->xss_clean((new Bbcode())->parse($this->contentBbcode)), ENT_NOQUOTES);
$this->contentHtml = (new Bbcode())->parse(htmlspecialchars((new AntiXSS())->xss_clean($this->contentBbcode), ENT_NOQUOTES));
}
}