Commit Graph

4 Commits

Author SHA1 Message Date
Farhad Safarov
9b2ea6a79c
[psalm] adopt new version (#149) 2021-02-21 14:29:54 +03:00
Adrien LUCAS
4ec19385d4
[tainting] Twig print should not be an actual taint sink (#123)
* Twig print should not be a sink

* Add links to the test cases for tainting twig

* Update psalm

* Force typing of Request:: to ensure taint detection

* Fix test using old hooks mechanism.
2021-01-16 16:03:43 +03:00
Adrien LUCAS
a7d3a76ca0
[tainting] improve twig template names resolving (#122) 2020-12-15 10:52:58 +03:00
Adrien LUCAS
0397c581db
[tainting] Allow Twig\Environment::render to be tainted even with a variable as template name (#97)
Allow Twig\Environment::render to be tainted even with a variable as template parameters

Allow using a variable as template name for CachedTemplatesTainter too

Add TwigUtils::extractTemplateNameFromExpression tests
2020-11-10 13:23:21 +03:00