63cae2e723e0e7c2a6a1d1ba37450c23d2f5ac16
[Packages/TYPO3.CMS.git] / typo3 / sysext / fluid / Classes / ViewHelpers / Format / CdataViewHelper.php
1 <?php
2 namespace TYPO3\CMS\Fluid\ViewHelpers\Format;
3
4 /* *
5 * This script is backported from the TYPO3 Flow package "TYPO3.Fluid". *
6 * *
7 * It is free software; you can redistribute it and/or modify it under *
8 * the terms of the GNU Lesser General Public License, either version 3 *
9 * of the License, or (at your option) any later version. *
10 * *
11 * The TYPO3 project - inspiring people to share! *
12 * */
13 use TYPO3\CMS\Fluid\Core\Rendering\RenderingContextInterface;
14 use TYPO3\CMS\Fluid\Core\ViewHelper\AbstractViewHelper;
15 use TYPO3\CMS\Fluid\Core\ViewHelper\Facets\CompilableInterface;
16
17 /**
18 * Outputs an argument/value without any escaping and wraps it with CDATA tags.
19 *
20 * PAY SPECIAL ATTENTION TO SECURITY HERE (especially Cross Site Scripting),
21 * as the output is NOT SANITIZED!
22 *
23 * = Examples =
24 *
25 * <code title="Child nodes">
26 * <f:format.cdata>{string}</f:format.cdata>
27 * </code>
28 * <output>
29 * <![CDATA[(Content of {string} without any conversion/escaping)]]>
30 * </output>
31 *
32 * <code title="Value attribute">
33 * <f:format.cdata value="{string}" />
34 * </code>
35 * <output>
36 * <![CDATA[(Content of {string} without any conversion/escaping)]]>
37 * </output>
38 *
39 * <code title="Inline notation">
40 * {string -> f:format.cdata()}
41 * </code>
42 * <output>
43 * <![CDATA[(Content of {string} without any conversion/escaping)]]>
44 * </output>
45 *
46 * @api
47 */
48 class CdataViewHelper extends AbstractViewHelper implements CompilableInterface {
49
50 /**
51 * Disable the escaping interceptor because otherwise the child nodes would be escaped before this view helper
52 * can decode the text's entities.
53 *
54 * @var bool
55 */
56 protected $escapingInterceptorEnabled = FALSE;
57
58 /**
59 * @param mixed $value The value to output
60 * @return string
61 */
62 public function render($value = NULL) {
63 return self::renderStatic(
64 array('value' => $value),
65 $this->buildRenderChildrenClosure(),
66 $this->renderingContext
67 );
68 }
69
70 /**
71 * @param array $arguments
72 * @param callable $renderChildrenClosure
73 * @param RenderingContextInterface $renderingContext
74 *
75 * @return string
76 */
77 static public function renderStatic(array $arguments, \Closure $renderChildrenClosure, RenderingContextInterface $renderingContext) {
78 $value = $arguments['value'];
79 if ($value === NULL) {
80 $value = $renderChildrenClosure();
81 }
82 return sprintf('<![CDATA[%s]]>', $value);
83 }
84
85 }