Sanitize html for good measure

Julie Lenaerts 2024-10-21 15:39:05 +02:00
parent 34bbee2031
commit 9416a19d85


@ -20,7 +20,7 @@ final readonly class ChillGenderIconRender implements ChillEntityRenderInterface
{
public function renderBox($icon, array $options): string
{
return '<i class="'.$icon->value.'"></i>';
return '<i class="'.htmlspecialchars($icon->value, ENT_QUOTES, 'UTF-8').'"></i>';
}
public function renderString($icon, array $options): string
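Review bot: The escaping added in renderBox passes `ENT_QUOTES` but not `ENT_SUBSTITUTE`, so a value containing invalid UTF-8 makes `htmlspecialchars` return an empty string and the icon silently renders as `<i class=""></i>`; `htmlspecialchars($icon->value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` keeps the output well-formed. `ENT_QUOTES` itself is the right flag, since the value lands inside a double-quoted attribute. `$icon` is untyped, so nothing in the hunk shows that `value` is a string from a fixed set; if it is a backed enum, a short comment such as `// enum values are trusted; escaped anyway for the attribute context` would explain why the call is there. renderString starts on the hunk's last line and its body is outside the hunk, so whether it needs the same escaping cannot be judged from here.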