vimeo / psalm

A static analysis tool for finding errors in PHP applications
https://psalm.dev
MIT License

Escaping in foreach loop not working? #10789

Open lazi3b0y opened 8 months ago

lazi3b0y commented 8 months ago

https://psalm.dev/r/e3d3058ede

Why doesn't this work? Is there a workaround?

psalm-github-bot[bot] commented 8 months ago

I found these snippets:

https://psalm.dev/r/e3d3058ede

```php
<?php

foreach ($_REQUEST as $key => $value) {
    unset($_REQUEST[$key]);
    $_REQUEST[\htmlentities($key, ENT_QUOTES, 'UTF-8')] = \htmlentities($value, ENT_QUOTES, 'UTF-8');
}

echo $_REQUEST['a'];
```

```
Psalm output (using commit 3600d51):

ERROR: TaintedHtml - 8:6 - Detected tainted HTML

ERROR: TaintedTextWithQuotes - 8:6 - Detected tainted text with possible quotes
```