@@ -48,8 +48,8 @@ public function __construct($fileLinkFormat, string $projectDir, string $charset
4848 public function getFilters ()
4949 {
5050 return [
51- new TwigFilter ('abbr_class ' , [$ this 'abbrClass ' ], ['is_safe ' => ['html ' ]]),
52- new TwigFilter ('abbr_method ' , [$ this 'abbrMethod ' ], ['is_safe ' => ['html ' ]]),
51+ new TwigFilter ('abbr_class ' , [$ this 'abbrClass ' ], ['is_safe ' => ['html ' ], ' pre_escape ' => ' html '
52+ new TwigFilter ('abbr_method ' , [$ this 'abbrMethod ' ], ['is_safe ' => ['html ' ], ' pre_escape ' => ' html '
5353 new TwigFilter ('format_args ' , [$ this 'formatArgs ' ], ['is_safe ' => ['html ' ]]),
5454 new TwigFilter ('format_args_as_text ' , [$ this 'formatArgsAsText ' ]),
5555 new TwigFilter ('file_excerpt ' , [$ this 'fileExcerpt ' ], ['is_safe ' => ['html ' ]]),
@@ -95,22 +95,23 @@ public function formatArgs($args)
9595 $ result
9696 foreach ($ argsas $ key$ item
9797 if ('object ' === $ item0 ]) {
98+ $ item1 ] = htmlspecialchars ($ item1 ], \ENT_COMPAT | \ENT_SUBSTITUTE , $ this charset );
9899 $ partsexplode ('\\' , $ item1 ]);
99100 $ shortarray_pop ($ parts
100101 $ formattedValuesprintf ('<em>object</em>(<abbr title="%s">%s</abbr>) ' , $ item1 ], $ short
101102 } elseif ('array ' === $ item0 ]) {
102- $ formattedValuesprintf ('<em>array</em>(%s) ' , \is_array ($ item1 ]) ? $ this formatArgs ($ item1 ]) : $ item1 ]);
103+ $ formattedValuesprintf ('<em>array</em>(%s) ' , \is_array ($ item1 ]) ? $ this formatArgs ($ item1 ]) : htmlspecialchars ( var_export ( $ item1 ], true ), \ ENT_COMPAT | \ ENT_SUBSTITUTE , $ this -> charset ) );
103104 } elseif ('null ' === $ item0 ]) {
104105 $ formattedValue'<em>null</em> ' ;
105106 } elseif ('boolean ' === $ item0 ]) {
106- $ formattedValue'<em> ' .strtolower (var_export ($ item1 ], true )).'</em> ' ;
107+ $ formattedValue'<em> ' .strtolower (htmlspecialchars ( var_export ($ item1 ], true ), \ ENT_COMPAT | \ ENT_SUBSTITUTE , $ this -> charset )).'</em> ' ;
107108 } elseif ('resource ' === $ item0 ]) {
108109 $ formattedValue'<em>resource</em> ' ;
109110 } else {
110111 $ formattedValuestr_replace ("\n" , '' , htmlspecialchars (var_export ($ item1 ], true ), \ENT_COMPAT | \ENT_SUBSTITUTE , $ this charset ));
111112 }
112113
113- $ result\is_int ($ key$ formattedValuesprintf ("'%s' => %s " , $ key$ formattedValue
114+ $ result\is_int ($ key$ formattedValuesprintf ("'%s' => %s " , htmlspecialchars ( $ key, \ ENT_COMPAT | \ ENT_SUBSTITUTE , $ this -> charset ) , $ formattedValue
114115 }
115116
116117 return implode (', ' , $ result
@@ -178,13 +179,17 @@ public function fileExcerpt($file, $line, $srcContext = 3)
178179 public function formatFile ($ file$ line$ textnull )
179180 {
180181 $ filetrim ($ file
182+ $ lineint ) $ line
181183
182184 if (null === $ text
183- $ text$ file
184- if (null !== $ rel$ this getFileRelative ($ text
185- $ relexplode ('/ ' , $ rel2 );
186- $ textsprintf ('<abbr title="%s%2$s">%s</abbr>%s ' , $ this projectDir , $ rel0 ], '/ ' .($ rel1 ] ?? '' ));
185+ if (null !== $ rel$ this getFileRelative ($ file
186+ $ relexplode ('/ ' , htmlspecialchars ($ relENT_COMPAT | \ENT_SUBSTITUTE , $ this charset ), 2 );
187+ $ textsprintf ('<abbr title="%s%2$s">%s</abbr>%s ' , htmlspecialchars ($ this projectDir , \ENT_COMPAT | \ENT_SUBSTITUTE , $ this charset ), $ rel0 ], '/ ' .($ rel1 ] ?? '' ));
188+ } else {
189+ $ texthtmlspecialchars ($ fileENT_COMPAT | \ENT_SUBSTITUTE , $ this charset );
187190 }
191+ } else {
192+ $ texthtmlspecialchars ($ textENT_COMPAT | \ENT_SUBSTITUTE , $ this charset );
188193 }
189194
190195 if (0 < $ line
0 commit comments