diff options
Diffstat (limited to 'perllib/FixMyStreet/App/View/Web.pm')
| -rw-r--r-- | perllib/FixMyStreet/App/View/Web.pm | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/View/Web.pm b/perllib/FixMyStreet/App/View/Web.pm index 44f80e375..5579d0d53 100644 --- a/perllib/FixMyStreet/App/View/Web.pm +++ b/perllib/FixMyStreet/App/View/Web.pm @@ -23,6 +23,7 @@ __PACKAGE__->config( ], FILTERS => { escape_js => \&escape_js, + html => \&html_filter, }, COMPILE_EXT => '.ttc', STAT_TTL => FixMyStreet->config('STAGING_SITE') ? 1 : 86400, @@ -144,5 +145,25 @@ sub escape_js { return $text; } +=head2 html_filter + +Same as Template Toolkit's html_filter, but escapes ' too, as we don't (and +shouldn't have to) know whether we'll be used inbetween single or double +quotes. + +=cut + +sub html_filter { + my $text = shift; + for ($text) { + s/&/&/g; + s/</</g; + s/>/>/g; + s/"/"/g; + s/'/'/g; + } + return $text; +} + 1; |