|
Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon. |
|
View previous topic :: View next topic |
Author |
Message |
mad_griffith Smarty n00b
Joined: 28 Oct 2018 Posts: 4
|
Posted: Sun Oct 28, 2018 4:24 pm Post subject: Handling JSON output |
|
|
Hi, I have a multidimensional array in PHP that I am json_encode'ing in order to add the resulting object in some javascript code to be displayed in a smarty/html file. The problem is that the JSON object will always be rendered with escaped double quotes and I can't use the "nofilter" modifier on the twig variable because I need to handle XSS.
How would you guy tackle this?
Last edited by mad_griffith on Tue Oct 30, 2018 8:49 pm; edited 1 time in total |
|
Back to top |
|
AnrDaemon Administrator
Joined: 03 Dec 2012 Posts: 1785
|
Posted: Tue Oct 30, 2018 8:48 pm Post subject: |
|
|
How's this related to Smarty? |
|
Back to top |
|
mad_griffith Smarty n00b
Joined: 28 Oct 2018 Posts: 4
|
Posted: Tue Oct 30, 2018 8:50 pm Post subject: |
|
|
AnrDaemon wrote: | How's this related to Smarty? |
My bad, I wrote "twig" all over the place, but it's indeed smarty I meant to say. |
|
Back to top |
|
mad_griffith Smarty n00b
Joined: 28 Oct 2018 Posts: 4
|
Posted: Tue Oct 30, 2018 8:51 pm Post subject: Re: Handling JSON output |
|
|
mad_griffith wrote: | Hi, I have a multidimensional array in PHP that I am json_encode'ing in order to add the resulting object in some javascript code to be displayed in a smarty/html file. The problem is that the JSON object will always be rendered with escaped double quotes and I can't use the "nofilter" modifier on the smarty variable because I need to handle XSS.
How would you guy tackle this? |
|
|
Back to top |
|
AnrDaemon Administrator
Joined: 03 Dec 2012 Posts: 1785
|
Posted: Tue Oct 30, 2018 9:22 pm Post subject: |
|
|
XSS is not cause by some printing, it's caused by unsafe input handling. |
|
Back to top |
|
mad_griffith Smarty n00b
Joined: 28 Oct 2018 Posts: 4
|
Posted: Tue Oct 30, 2018 9:28 pm Post subject: |
|
|
AnrDaemon wrote: | XSS is not cause by some printing, it's caused by unsafe input handling. |
Ofc. But I am building a Prestashop module and my module got rejected by an automatic validation because of "nofilter", so I would need to find an alternative. |
|
Back to top |
|
AnrDaemon Administrator
Joined: 03 Dec 2012 Posts: 1785
|
Posted: Tue Oct 30, 2018 9:44 pm Post subject: |
|
|
Yet again, bring that up with Prestashop support.
This has nothing to do with Smarty.
P.S.
I cleaned your misleading posts in another thread. |
|
Back to top |
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|