use HTML::Entities;
use HTML::TreeBuilder;
use HTML::FormatText;
+ use HTML::Defang;
use JSON;
use MIME::Base64;
use IO::Handle;
=cut
+my %defang_opts = ( attribs_to_callback => ['src'], attribs_callback => sub { 1 });
+
sub mason_interps {
my $mode = shift || 'apache';
my %opt = @_;
$interp{out_method} = $opt{outbuf} if $mode eq 'standalone' && $opt{outbuf};
+ my $html_defang = new HTML::Defang (%defang_opts);
+
my $fs_interp = new HTML::Mason::Interp (
%interp,
escape_flags => { 'js_string' => sub {
${$_[0]} =~ s/(['\\])/\\$1/g;
${$_[0]} =~ s/\n/\\n/g;
${$_[0]} = "'". ${$_[0]}. "'";
- }
+ },
+ 'defang' => sub {
+ ${$_[0]} = $html_defang->defang(${$_[0]});
+ },
},
compiler => HTML::Mason::Compiler::ToObject->new(
allow_globals => [qw(%session)],
<% $note->otaker%>
</TD>
<TD CLASS="grid" BGCOLOR="<% $bgcolor %>">
- <%$note->comments%>
+ <% $note->comments | defang %>
</TD>
% if($edit) {
<TD CLASS="grid" BGCOLOR="<% $bgcolor %>"><% $edit %></TD>
% }
<%init>
+use HTML::Defang;
+
my $conf = new FS::Conf;
my $curuser = $FS::CurrentUser::CurrentUser;
projects / freeside.git / commitdiff