From b67af2e30a61bc703991c3e9e5f95f6def2f0caf Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Fri, 27 Dec 2024 09:08:56 +0700 Subject: [PATCH] refactor: revert ThirdParty change --- system/ThirdParty/Escaper/Escaper.php | 31 +++++++++++++++------------ 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/system/ThirdParty/Escaper/Escaper.php b/system/ThirdParty/Escaper/Escaper.php index 1e5bc7f9fad9..c4964cb55e4a 100644 --- a/system/ThirdParty/Escaper/Escaper.php +++ b/system/ThirdParty/Escaper/Escaper.php @@ -25,8 +25,6 @@ /** * Context specific methods for use in secure output escaping - * - * @final */ class Escaper { @@ -51,7 +49,7 @@ class Escaper * Current encoding for escaping. If not UTF-8, we convert strings from this encoding * pre-escaping and back to this encoding post-escaping. * - * @var non-empty-string + * @var string */ protected $encoding = 'utf-8'; @@ -90,7 +88,7 @@ class Escaper /** * List of all encoding supported by this class * - * @var list + * @var array */ protected $supportedEncodings = [ 'iso-8859-1', @@ -133,7 +131,6 @@ class Escaper * Constructor: Single parameter allows setting of global encoding for use by * the current object. * - * @param non-empty-string|null $encoding * @throws Exception\InvalidArgumentException */ public function __construct(?string $encoding = null) @@ -162,19 +159,25 @@ public function __construct(?string $encoding = null) // set matcher callbacks $this->htmlAttrMatcher = /** @param array $matches */ - fn(array $matches): string => $this->htmlAttrMatcher($matches); + function (array $matches): string { + return $this->htmlAttrMatcher($matches); + }; $this->jsMatcher = /** @param array $matches */ - fn(array $matches): string => $this->jsMatcher($matches); + function (array $matches): string { + return $this->jsMatcher($matches); + }; $this->cssMatcher = /** @param array $matches */ - fn(array $matches): string => $this->cssMatcher($matches); + function (array $matches): string { + return $this->cssMatcher($matches); + }; } /** * Return the encoding that all output/input is expected to be encoded in. * - * @return non-empty-string + * @return string */ public function getEncoding() { @@ -185,7 +188,7 @@ public function getEncoding() * Escape a string for the HTML Body context where there are very few characters * of special meaning. Internally this will use htmlspecialchars(). * - * @return ($string is non-empty-string ? non-empty-string : string) + * @return string */ public function escapeHtml(string $string) { @@ -197,7 +200,7 @@ public function escapeHtml(string $string) * to escape that are not covered by htmlspecialchars() to cover cases where an attribute * might be unquoted or quoted illegally (e.g. backticks are valid quotes for IE). * - * @return ($string is non-empty-string ? non-empty-string : string) + * @return string */ public function escapeHtmlAttr(string $string) { @@ -219,7 +222,7 @@ public function escapeHtmlAttr(string $string) * Backslash escaping is not used as it still leaves the escaped character as-is and so * is not useful in a HTML context. * - * @return ($string is non-empty-string ? non-empty-string : string) + * @return string */ public function escapeJs(string $string) { @@ -237,7 +240,7 @@ public function escapeJs(string $string) * an entire URI - only a subcomponent being inserted. The function is a simple proxy * to rawurlencode() which now implements RFC 3986 since PHP 5.3 completely. * - * @return ($string is non-empty-string ? non-empty-string : string) + * @return string */ public function escapeUrl(string $string) { @@ -248,7 +251,7 @@ public function escapeUrl(string $string) * Escape a string for the CSS context. CSS escaping can be applied to any string being * inserted into CSS and escapes everything except alphanumerics. * - * @return ($string is non-empty-string ? non-empty-string : string) + * @return string */ public function escapeCss(string $string) {