From 4e884800da48d7e47097e813cc5ab1f92971445b Mon Sep 17 00:00:00 2001
From: Oliver Hader <oliver@typo3.org>
Date: Mon, 28 Nov 2022 17:39:19 +0100
Subject: [PATCH] [TASK] Upgrade to typo3/html-sanitizer v2.1.0
see https://github.com/TYPO3/html-sanitizer/releases/tag/v2.1.0
composer req typo3/html-sanitizer:^2.1.0
composer req typo3/html-sanitizer:^2.1.0 \
-d typo3/sysext/core --no-update
To use custom output rules, the Behavior object must be known in
the Sanitizer, see https://github.com/TYPO3/html-sanitizer/pull/98
Resolves: #99271
Releases: main, 11.5, 10.4
Change-Id: I160f8b49284566afde87d07dde7a4fb69e3174c9
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/76920
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
---
composer.json | 2 +-
composer.lock | 14 +++++++-------
.../core/Classes/Html/DefaultSanitizerBuilder.php | 2 +-
.../core/Classes/Html/I18nSanitizerBuilder.php | 2 +-
typo3/sysext/core/composer.json | 2 +-
5 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/composer.json b/composer.json
index ffecbd55a240..688cf495dbf2 100644
--- a/composer.json
+++ b/composer.json
@@ -97,7 +97,7 @@
"typo3/class-alias-loader": "^1.1.4",
"typo3/cms-cli": "^3.1",
"typo3/cms-composer-installers": "^2.0 || ^3.0 || ^4.0",
- "typo3/html-sanitizer": "^2.0.16",
+ "typo3/html-sanitizer": "^2.1.0",
"typo3/phar-stream-wrapper": "^3.1.7",
"typo3/symfony-psr-event-dispatcher-adapter": "^1.0 || ^2.0",
"typo3fluid/fluid": "^2.7.2"
diff --git a/composer.lock b/composer.lock
index 6ea26be644a0..feb087cf9e57 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "7f1fe3202e967d17ff8e1d94ae8b799d",
+ "content-hash": "6cd6898eae14c87769230274619b8420",
"packages": [
{
"name": "bacon/bacon-qr-code",
@@ -4993,16 +4993,16 @@
},
{
"name": "typo3/html-sanitizer",
- "version": "v2.0.16",
+ "version": "v2.1.0",
"source": {
"type": "git",
"url": "https://github.com/TYPO3/html-sanitizer.git",
- "reference": "60bfdc7f9b394d0236e16ee4cea8372a7defa493"
+ "reference": "2f195f529dd6570d28f838e8340a08025c37fb5b"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/TYPO3/html-sanitizer/zipball/60bfdc7f9b394d0236e16ee4cea8372a7defa493",
- "reference": "60bfdc7f9b394d0236e16ee4cea8372a7defa493",
+ "url": "https://api.github.com/repos/TYPO3/html-sanitizer/zipball/2f195f529dd6570d28f838e8340a08025c37fb5b",
+ "reference": "2f195f529dd6570d28f838e8340a08025c37fb5b",
"shasum": ""
},
"require": {
@@ -5038,9 +5038,9 @@
"description": "HTML sanitizer aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.",
"support": {
"issues": "https://github.com/TYPO3/html-sanitizer/issues",
- "source": "https://github.com/TYPO3/html-sanitizer/tree/v2.0.16"
+ "source": "https://github.com/TYPO3/html-sanitizer/tree/v2.1.0"
},
- "time": "2022-09-13T07:29:06+00:00"
+ "time": "2022-12-05T12:47:34+00:00"
},
{
"name": "typo3/phar-stream-wrapper",
diff --git a/typo3/sysext/core/Classes/Html/DefaultSanitizerBuilder.php b/typo3/sysext/core/Classes/Html/DefaultSanitizerBuilder.php
index c9fc740d7dc6..15160b7171fb 100644
--- a/typo3/sysext/core/Classes/Html/DefaultSanitizerBuilder.php
+++ b/typo3/sysext/core/Classes/Html/DefaultSanitizerBuilder.php
@@ -61,7 +61,7 @@ class DefaultSanitizerBuilder extends CommonBuilder implements SingletonInterfac
{
$behavior = $this->createBehavior();
$visitor = GeneralUtility::makeInstance(CommonVisitor::class, $behavior);
- return GeneralUtility::makeInstance(Sanitizer::class, $visitor);
+ return GeneralUtility::makeInstance(Sanitizer::class, $behavior, $visitor);
}
protected function createBehavior(): Behavior
diff --git a/typo3/sysext/core/Classes/Html/I18nSanitizerBuilder.php b/typo3/sysext/core/Classes/Html/I18nSanitizerBuilder.php
index 528ed2f6a4a4..dab8de58ea82 100644
--- a/typo3/sysext/core/Classes/Html/I18nSanitizerBuilder.php
+++ b/typo3/sysext/core/Classes/Html/I18nSanitizerBuilder.php
@@ -66,7 +66,7 @@ class I18nSanitizerBuilder implements BuilderInterface
);
$visitor = GeneralUtility::makeInstance(CommonVisitor::class, $behavior);
- return GeneralUtility::makeInstance(Sanitizer::class, $visitor);
+ return GeneralUtility::makeInstance(Sanitizer::class, $behavior, $visitor);
}
/**
diff --git a/typo3/sysext/core/composer.json b/typo3/sysext/core/composer.json
index 63c66a882951..e2133bd1d1d5 100644
--- a/typo3/sysext/core/composer.json
+++ b/typo3/sysext/core/composer.json
@@ -73,7 +73,7 @@
"typo3/class-alias-loader": "^1.1.4",
"typo3/cms-cli": "^3.1",
"typo3/cms-composer-installers": "^2.0 || ^3.0 || ^4.0",
- "typo3/html-sanitizer": "^2.0.16",
+ "typo3/html-sanitizer": "^2.1.0",
"typo3/phar-stream-wrapper": "^3.1.7",
"typo3/symfony-psr-event-dispatcher-adapter": "^1.0 || ^2.0",
"typo3fluid/fluid": "^2.7.2"
--
GitLab