CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
SandboxExtension example
$state->set(static::CACHE_PREFIX_METADATA_KEY, $current);
}
$this->twigCachePrefix = $current['twig_cache_prefix'];
$options['cache'] = new TwigPhpStorageCache($cache, $this->twigCachePrefix);
}
$this->setLoader($loader);
parent::__construct($this->getLoader(), $options);
$policy = new TwigSandboxPolicy();
$sandbox = new SandboxExtension($policy, TRUE);
$this->addExtension($sandbox);
}
/** * {@inheritdoc} */
public function compileSource(Source $source): string {
// Note: always use \Drupal\Core\Serialization\Yaml here instead of the // "serializer.yaml" service. This allows the core serializer to utilize // core related functionality which isn't available as the standalone // component based serializer.
protected $twig;
/** * {@inheritdoc} */
protected function setUp(): void {
parent::setUp();
$loader = new StringLoader();
$this->twig = new Environment($loader);
$policy = new TwigSandboxPolicy();
$sandbox = new SandboxExtension($policy, TRUE);
$this->twig->addExtension($sandbox);
}
/** * Tests that dangerous methods cannot be called in entity objects. * * @dataProvider getTwigEntityDangerousMethods */
public function testEntityDangerousMethods($template) {
$entity = $this->createMock('Drupal\Core\Entity\EntityInterface');
$this->expectException(SecurityError::class);
/** * {@inheritdoc} */
protected function setUp(): void {
parent::setUp();
$loader = new StringLoader();
$this->twig = new Environment($loader);
$policy = new TwigSandboxPolicy();
$sandbox = new SandboxExtension($policy, TRUE);
$this->twig->addExtension($sandbox);
}
/** * Tests that dangerous methods cannot be called in entity objects. * * @dataProvider getTwigEntityDangerousMethods */
public function testEntityDangerousMethods($template) {
$entity = $this->createMock('Drupal\Core\Entity\EntityInterface');
$this->expectException(SecurityError::class);