mirror of
https://github.com/slawkens/myaac.git
synced 2025-10-15 18:24:56 +02:00
Update Twig to v2.15.4
This commit is contained in:
slawkens
@@ -12,21 +12,20 @@
|
||||
namespace Twig\Sandbox;
|
||||
|
||||
use Twig\Markup;
|
||||
use Twig\Template;
|
||||
|
||||
/**
|
||||
* Represents a security policy which need to be enforced when sandbox mode is enabled.
|
||||
*
|
||||
* @final
|
||||
*
|
||||
* @author Fabien Potencier <fabien@symfony.com>
|
||||
*/
|
||||
class SecurityPolicy implements SecurityPolicyInterface
|
||||
final class SecurityPolicy implements SecurityPolicyInterface
|
||||
{
|
||||
protected $allowedTags;
|
||||
protected $allowedFilters;
|
||||
protected $allowedMethods;
|
||||
protected $allowedProperties;
|
||||
protected $allowedFunctions;
|
||||
private $allowedTags;
|
||||
private $allowedFilters;
|
||||
private $allowedMethods;
|
||||
private $allowedProperties;
|
||||
private $allowedFunctions;
|
||||
|
||||
public function __construct(array $allowedTags = [], array $allowedFilters = [], array $allowedMethods = [], array $allowedProperties = [], array $allowedFunctions = [])
|
||||
{
|
||||
@@ -51,7 +50,7 @@ class SecurityPolicy implements SecurityPolicyInterface
|
||||
{
|
||||
$this->allowedMethods = [];
|
||||
foreach ($methods as $class => $m) {
|
||||
$this->allowedMethods[$class] = array_map('strtolower', \is_array($m) ? $m : [$m]);
|
||||
$this->allowedMethods[$class] = array_map(function ($value) { return strtr($value, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'); }, \is_array($m) ? $m : [$m]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -88,12 +87,12 @@ class SecurityPolicy implements SecurityPolicyInterface
|
||||
|
||||
public function checkMethodAllowed($obj, $method)
|
||||
{
|
||||
if ($obj instanceof \Twig_TemplateInterface || $obj instanceof Markup) {
|
||||
if ($obj instanceof Template || $obj instanceof Markup) {
|
||||
return;
|
||||
}
|
||||
|
||||
$allowed = false;
|
||||
$method = strtolower($method);
|
||||
$method = strtr($method, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
|
||||
foreach ($this->allowedMethods as $class => $methods) {
|
||||
if ($obj instanceof $class) {
|
||||
$allowed = \in_array($method, $methods);
|
||||
|
||||
Reference in New Issue
Block a user