Skip to content

Commit

Permalink
optimized urlslug input (#14669)
Browse files Browse the repository at this point in the history
  • Loading branch information
@Corepex
Corepex committed Mar 15, 2023
1 parent 2ec0e17 commit c59d0bf
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 1 deletion.
5 changes: 5 additions & 0 deletions bundles/AdminBundle/Controller/Admin/Document/DocumentControllerBase.php
View file
Expand Up @@ -162,6 +162,11 @@ protected function addSettingsToDocument(Request $request, Model\Document $docum
if ($request->get('settings')) {
if ($document->isAllowed('settings')) {
$settings = $this->decodeJson($request->get('settings'));

if(array_key_exists('prettyUrl' , $settings)){
$settings['prettyUrl'] = htmlspecialchars($settings['prettyUrl']);
}

$document->setValues($settings);
}
}
Expand Down
6 changes: 5 additions & 1 deletion bundles/AdminBundle/Resources/public/js/pimcore/document/pages/settings.js
View file
Expand Up @@ -224,7 +224,7 @@ pimcore.document.pages.settings = Class.create(pimcore.document.settings_abstrac
method: "POST",
params: {
id: this.document.id,
path: el.getValue()
path: pimcore.helpers.sanitizeUrlSlug(el.getValue())
},
success: function (res) {
res = Ext.decode(res.responseText);
Expand All @@ -238,6 +238,10 @@ pimcore.document.pages.settings = Class.create(pimcore.document.settings_abstrac
}
}
});
}.bind(this),
"change": function (el) {
const sanitizedValue = pimcore.helpers.sanitizeUrlSlug(el.getValue());
el.setValue(sanitizedValue);
}.bind(this)
}
}
Expand Down
4 changes: 4 additions & 0 deletions bundles/AdminBundle/Resources/public/js/pimcore/helpers.js
View file
Expand Up @@ -18,6 +18,10 @@ pimcore.helpers.sanitizeEmail = function (email) {
return email.replace(/[^a-zA-Z0-9_\-@.+]/g,'');
};

pimcore.helpers.sanitizeUrlSlug = function (slug) {
return slug.replace(/[^a-z0-9-_+/]/gi, '');
};

pimcore.helpers.registerKeyBindings = function (bindEl, ExtJS) {

if (!ExtJS) {
Expand Down

0 comments on commit c59d0bf

Please sign in to comment.