From b660b1681f33a817f5242ccc172ef4b5ec0cee9b Mon Sep 17 00:00:00 2001
From: Christos Nianiakas
Date: Tue, 30 Aug 2016 09:40:58 +0300
Subject: [PATCH] Escaping HTML special characters in v2 compile output.

---
 .../Codebender/CompilerBundle/Handler/CompilerV2Handler.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Symfony/src/Codebender/CompilerBundle/Handler/CompilerV2Handler.php b/Symfony/src/Codebender/CompilerBundle/Handler/CompilerV2Handler.php
index 00f63c6..a444831 100644
--- a/Symfony/src/Codebender/CompilerBundle/Handler/CompilerV2Handler.php
+++ b/Symfony/src/Codebender/CompilerBundle/Handler/CompilerV2Handler.php
@@ -780,6 +780,9 @@ protected function pathRemover($output, $config)
             $message .= $modified . "\n";
         }
 
+        // Escape HTML special characters
+        $message = htmlspecialchars($message);
+
         return $message;
     }
 }
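Review bot: The added `htmlspecialchars($message)` call relies on the default flags and charset, so on PHP versions before 8.1 single quotes stay unescaped, and an invalid byte sequence anywhere in the compiler output makes the call return an empty string, silently dropping the whole message. Passing the arguments explicitly covers both cases: `$message = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The comment should also record why the escaping lives here, for example `// Output may contain markup from user code; escape once here, clients must not escape again`. That wording is inferred, because pathRemover's body starts outside the hunk and its callers are not visible. If some consumer of this handler expects plain text, encoding at the point of rendering would be the safer placement.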