
Allow Twig\Environment::render to be tainted even when using variables as arguments. #97

Merged

Conversation

adrienlucas
Contributor

@adrienlucas adrienlucas commented Oct 15, 2020

Before this, taints were not forwarded if the call to Twig\Environment::render was made using variables as arguments (i.e. template name and template parameters).

In other words:

$untrusted = $_GET['untrusted'];

// this was the only supported syntax before
$twig->render('index.html.twig', ['untrusted' => $untrusted]);

// this is now supported
$template = 'index.html.twig';
$parameters = ['untrusted' => $untrusted];
$twig->render($template, $parameters);

@adrienlucas adrienlucas force-pushed the twig-taint-allow-variable-template-name branch from a224d9c to cb3b53f Compare October 16, 2020 10:12
@adrienlucas adrienlucas changed the title Allow Twig\Environment::render to be tainted even with a variable as template name. Allow Twig\Environment::render to be tainted even when using variables as arguments. Oct 16, 2020
@adrienlucas adrienlucas force-pushed the twig-taint-allow-variable-template-name branch from 1849455 to 0af7f97 Compare October 16, 2020 14:19
…template name

Allow Twig\Environment::render to be tainted even with a variable as template parameters

Allow using a variable as template name for CachedTemplatesTainter too

Add TwigUtils::extractTemplateNameFromExpression tests
@adrienlucas adrienlucas force-pushed the twig-taint-allow-variable-template-name branch from 0af7f97 to 49609a5 Compare November 10, 2020 10:17
@seferov seferov merged commit 0397c58 into psalm:master Nov 10, 2020