Also icon conversion can be enabled/disabled by passing inline easyIcon option
Example:
$this->Html->easyIcon = false;
echo $this->Html->link('i:tag Title',['easyIcon'=>false]);//icon won't be converted
echo $this->Html->link('i:tag Title',['easyIcon'=>true]);//icon will be converted
echo $this->Html->link('i:tag Title');//icon won't be converted
$this->Html->easyIcon = true;
echo $this->Html->link('i:tag Title',['easyIcon'=>true]);//icon will be converted
echo $this->Html->link('i:tag Title',['easyIcon'=>false]);//icon won't be converted
echo $this->Html->link('i:tag Title');//icon will be converted
Fixes HtmlInjection vulnerability described in #176
This fix allows escaping without disabling easyIcon conversion. Escaping is now enabled by default.
Old unsafe behavior can be achieved by setting option
['escape'=>false]
Example:Also icon conversion can be enabled/disabled by passing inline
easyIcon
option Example: