Skip to content

Commit

Permalink
added escape css method to sanitize CSS
Browse files Browse the repository at this point in the history
  • Loading branch information
@olegnax
olegnax committed Jul 29, 2024
1 parent 7bbe0c3 commit 1184398
Show file tree
Hide file tree
Showing 4 changed files with 60 additions and 2 deletions.
23 changes: 23 additions & 0 deletions Model/DynamicStyle/EscapeCss.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
<?php
/**
* @author Olegnax
* @package Olegnax_Core
* @copyright Copyright (c) 2024 Olegnax (http://olegnax.com/). All rights reserved.
* See COPYING.txt for license details.
*/

namespace Olegnax\Core\Model\DynamicStyle;

class EscapeCss
{
public function escapeCss($css){
if (!empty($css)) {
$css = preg_replace('/[\r\n\t]/', ' ', $css);
$css = preg_replace('/[\r\n\t ]{2,}/', ' ', $css);
$css = preg_replace('/\s+(\:|\;|\{|\})\s+/', '\1', $css);
$css = preg_replace('/<[^<>]+>(.*?)<\/[^<>]+>/m', '/* Forbidden tags in styles */', $css);
return $css;
}
return '';
}
}
35 changes: 35 additions & 0 deletions ViewModel/RenderCssViewModel.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
<?php
/**
* @author Olegnax
* @package Olegnax_Core
* @copyright Copyright (c) 2024 Olegnax (http://olegnax.com/). All rights reserved.
* See COPYING.txt for license details.
*/

namespace Olegnax\Core\ViewModel;

use Olegnax\Core\Model\DynamicStyle\EscapeCss;
use Magento\Framework\View\Element\Block\ArgumentInterface;

/**
* RenderCssViewModel
*/
class RenderCssViewModel implements ArgumentInterface
{
/**
* @var EscapeCss
*/
protected $escapeCss;

/**
* @param EscapeCss $escapeCss
*/
public function __construct(EscapeCss $escapeCss)
{
$this->escapeCss = $escapeCss;
}

public function escapeCss($css){
return $this->escapeCss->escapeCss($css);
}
}
2 changes: 1 addition & 1 deletion composer.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "olegnax/module-core",
"description": "Olegnax Core. Required by all Olegnax extensions and themes.",
"version": "1.3.4.2",
"version": "1.3.4.3",
"type": "magento2-module",
"license": [
"OSL-3.0"
Expand Down
2 changes: 1 addition & 1 deletion etc/module.xml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="urn:magento:framework:Module/etc/module.xsd">
<module name="Olegnax_Core" setup_version="1.3.4.2">
<module name="Olegnax_Core" setup_version="1.3.4.3">
<sequence>
<module name="Magento_AdminNotification"/>
<module name="Magento_Catalog"/>
Expand Down

0 comments on commit 1184398

Please sign in to comment.