Merge branch 'develop' into 1.9

# Conflicts:
#	languages/en.yaml
This commit is contained in:
Andy Miller
2018-10-01 14:06:09 -06:00
3 changed files with 10 additions and 4 deletions

View File

@@ -18,6 +18,9 @@ form:
title: PLUGIN_ADMIN.CONTENT
fields:
xss_check:
type: xss
frontmatter:
classes: frontmatter
type: editor

View File

@@ -661,10 +661,7 @@ class AdminController extends AdminBaseController
$check_what = ['header' => $data['header'], 'content' => $data['content']];
$results = Security::detectXssFromArray($check_what);
if (!empty($results)) {
$results_parts = array_map(function($value, $key) {
return $key.': \''.$value . '\'';
}, array_values($results), array_keys($results));
$this->admin->setMessage('<i class="fa fa-ban"></i> ' . sprintf($this->admin->translate('PLUGIN_ADMIN.XSS_ISSUE'), implode(', ', $results_parts)),
$this->admin->setMessage('<i class="fa fa-ban"></i> ' . $this->admin->translate('PLUGIN_ADMIN.XSS_ONSAVE_ISSUE'),
'error');
return false;
}

View File

@@ -0,0 +1,6 @@
{% set xss_header = data.value('header')|array %}
{% set xss_content = data.value('content') %}
{% set xss_status = xss({header: xss_header, content: xss_content}) %}
{% if xss_status is not empty %}
<div class="notice alert">{{ "PLUGIN_ADMIN.XSS_ISSUE"|tu([xss_status])|raw }}</div>
{% endif %}