B
Bernat
Newcomer
First Post Conversation Starter
2 posts
Since a recent update of Grav to 1.7 version, this has been an issue, some variables are not rendering its value when they are returned inside a PHP string which contains HTML tags.
< ? php
namespace Grav \ Plugin \ Shortcodes ;
use Thunder \ Shortcode \ Shortcode \ ShortcodeInterface ;
class productList extends Shortcode
{
public function init ( )
{
$ this -> shortcode -> getHandlers ( ) -> add ( ' productList ' , function ( ShortcodeInterface $ sc ) {
// ...
$ imgTag = ' <img src="{{ base_url_absolute }}" width="34" height="20" > ' ;
return ' {% block eSelect %}
<div class="list_images"> '
. $ imgTag .
' </div> ' ;
} ) ;
}
}
Outputs the following:
< div class = " list_images " >
< img src = " %7B%7B%20base_url_absolute%20%7D%7D " width = " 34 " height = " 20 " >
</ div >
Any ideas why is this happening? This used not to occur on previous versions.
Thanks!
last edited 04/28/22 by Bernat
P
pamtbaau
Legend
First Post Conversation Starter Well Liked
3129 posts
@lo_bernat, You are probably forgetting to apply the |raw filter when outputting the generated Twig string.
See Most common issues in the upgrade docs for to Grav 1.7.
Grav 1.7 is compatible with the auto-escape function of Twig. As a security measure to prevent XSS, all output will be escaped by default, unless the |raw filter is applied like:
last edited 04/28/22 by pamtbaau
P
pamtbaau
Legend
First Post Conversation Starter Well Liked
3129 posts
@lo_bernat, I see this is a verbatim cross-post from this question on the repo of grav-plugin-shortcode-core.
Cross-posting is often not appreciated by community members. In the end, users in one of the forums have wasted their time...
I'm therefor closing this post.
In rare cases that it is necessary, it would be better to notify both forums about the cross-post and also cross-posting any answers.
last edited 04/28/22 by pamtbaau