Handle invalid code sequences in Html::encode()

be164e45 · DaSourcerer · 2b26dd32 · be164e45 · be164e45
Commit be164e45 authored May 20, 2014 by DaSourcerer
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

BaseHtml.php framework/helpers/BaseHtml.php +1 -1

HtmlTest.php tests/unit/framework/helpers/HtmlTest.php +1 -1

No files found.
--- a/framework/helpers/BaseHtml.php
+++ b/framework/helpers/BaseHtml.php
@@ -92,7 +92,7 @@ class BaseHtml
     */
    public static function encode($content, $doubleEncode = true)
    {
-        return htmlspecialchars($content, ENT_QUOTES, Yii::$app->charset, $doubleEncode);
+        return htmlspecialchars($content, ENT_QUOTES | ENT_SUBSTITUTE, Yii::$app->charset, $doubleEncode);
    }
    /**

--- a/tests/unit/framework/helpers/HtmlTest.php
+++ b/tests/unit/framework/helpers/HtmlTest.php
@@ -38,7 +38,7 @@ class HtmlTest extends TestCase
    public function testEncode()
    {
-        $this->assertEquals("a&lt;&gt;&amp;&quot;&#039;", Html::encode("a<>&\"'"));
+        $this->assertEquals("a&lt;&gt;&amp;&quot;&#039;�", Html::encode("a<>&\"'\x80"));
    }
    public function testDecode()