Closed withjam closed 10 years ago
maybe you could checkout project MtHamlMore,it's main feature is to defined haml snippets which is called by haml file . but there is an extra feature 'reduce runtime' , which aims to reduce the exist of 'MtHaml\Runtime' in compiled php string. maybe you could rewrite it to use option ''escape_attrs'
i confirm the problem
What's the use-case for outputing raw HTML code in a attribute value ?
This code:
%link{ :href=>"#{esc_url(get_feed_link())}", :rel=>"alternate", :title=>"#{get_bloginfo('name')} Feed", :type=>"application/rss+xml"}
Insert the code [...]MtHaml\Runtime::renderAttributes[...] with enable_scaper false...
For fix it i'm working on the renderDynamicAttributes in the phprender.php file.
protected function renderDynamicAttributes(Tag $tag)
{
$list = array();
$n = 0;
$this->setEchoMode(false);
foreach ($tag->getAttributes() as $attr) {
if (0 !== $n) {
//$this->raw(', ');
}
$this->raw(' ');
//str_replace("'",'',$attr->getName()->accept($this));
$this->raw('=');
$pog = $attr->getValue()->accept($this);
if($pog[0]=='(') {
$this->raw(' <?php ');
trim($pog);
$this->raw(' ?>');
} else {
$attr->getValue()->accept($this);
}
++$n;
}
$this->setEchoMode(true);
}
The code it's not finished but it's an horror hack XD
fixed in this pull request: https://github.com/arnaud-lb/MtHaml/pull/55
Even when disabling escaper and setting escape_attrs to false, dynamic attributes are always escaped in resultant php/html file. Here is my environment options:
array('enable_escaper' => false, 'escape_attrs' => false)
Haml: %div(class="#{body_class()}") %p test
Output: <div <?php echo MtHaml\Runtime::renderAttributes(array(array('class', (body_class()))), 'html5', 'UTF-8'); ?>> <p>test</p> </div>
I would expect it to work just as disabling escaper worked, where the echo is left in directly. So the output would be closer to <div class="<?php echo body_class(); ?>">