Reasoning: Laravel provides a handy HtmlString that implements the Htmlable interface. If a function in the twig template is called and such a object is returned, it should not escape the HTML.
Twig provides a handy setSafeClass method on the EscaperExtension class which is enabled by default. This PR adds the ability to define custom safe classes in the config item. By default, we set the sensable Htmlable with the ['html'] strategy.
Coverage decreased (-0.4%) to 54.482% when pulling e1a2fc354477f186c06c2f6de4e235e97b8bae15 on mbardelmeijer:safeClasses into b8bd5db744d51adb11623547f281dfaf5ac60230 on rcrowe:master.
Coverage decreased (-0.4%) to 54.418% when pulling e1a2fc354477f186c06c2f6de4e235e97b8bae15 on mbardelmeijer:safeClasses into b8bd5db744d51adb11623547f281dfaf5ac60230 on rcrowe:master.
Reasoning: Laravel provides a handy
HtmlString
that implements theHtmlable
interface. If a function in the twig template is called and such a object is returned, it should not escape the HTML.Twig provides a handy
setSafeClass
method on theEscaperExtension
class which is enabled by default. This PR adds the ability to define custom safe classes in the config item. By default, we set the sensableHtmlable
with the['html']
strategy.