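/**
 * Prepare html output
 *
 * Renders the e-mail template preview. The template is loaded by the "id"
 * request parameter when one is given; otherwise its type, text and styles are
 * taken from the "type", "text" and "styles" request parameters. The template
 * text is passed through the malicious-code filter before it is processed, and
 * plain-text templates are HTML-escaped and wrapped in <pre>.
 *
 * @return string
 */
protected function _toHtml()
{
    /** @var $template \Magento\Email\Model\Template */
    $template = $this->_emailFactory->create(
        ['data' => ['area' => \Magento\Framework\App\Area::AREA_FRONTEND]]
    );

    $id = (int) $this->getRequest()->getParam('id');
    if ($id) {
        $template->load($id);
    } else {
        // No stored template: type, text and styles come straight from the request.
        $template->setTemplateType($this->getRequest()->getParam('type'));
        $template->setTemplateText($this->getRequest()->getParam('text'));
        $template->setTemplateStyles($this->getRequest()->getParam('styles'));
    }

    // The filter is applied to the raw template text, i.e. before processing.
    // NOTE(review): markup produced while the template is processed is returned
    // without a second filter pass (only the plain-text branch escapes it) —
    // confirm the rendering context treats this output as untrusted.
    $template->setTemplateText($this->_maliciousCode->filter($template->getTemplateText()));

    // The profiler key is a runtime identifier; its spelling is kept as-is.
    \Magento\Framework\Profiler::start("email_template_proccessing");
    try {
        $vars = [];
        $store = $this->getAnyStoreView();
        $storeId = $store ? $store->getId() : null;
        $template->setDesignConfig(['area' => $this->_design->getArea(), 'store' => $storeId]);
        $templateProcessed = $template->getProcessedTemplate($vars, true);

        if ($template->isPlain()) {
            // Plain-text templates are shown verbatim, so escape them for HTML.
            $templateProcessed = "<pre>" . htmlspecialchars($templateProcessed) . "</pre>";
        }
    } finally {
        // Stop the timer even when processing throws, so start/stop stay balanced.
        \Magento\Framework\Profiler::stop("email_template_proccessing");
    }

    return $templateProcessed;
}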
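/**
 * Prepare html output
 *
 * Renders the e-mail template preview. The template is loaded by the "id"
 * request parameter when one is given; otherwise its type, text and styles are
 * taken from the "type", "text" and "styles" request parameters. The template
 * text is passed through the malicious-code filter, then processed while the
 * store design and the default e-mail design area are emulated. Plain-text
 * templates are HTML-escaped and wrapped in <pre>.
 *
 * @return string
 */
protected function _toHtml()
{
    // NOTE(review): assumes getAnyStoreView() always returns a store object here;
    // a null result would fail on getId() — confirm against the helper.
    $storeId = $this->getAnyStoreView()->getId();
    /** @var $template \Magento\Email\Model\Template */
    $template = $this->_emailFactory->create();

    $id = (int) $this->getRequest()->getParam('id');
    if ($id) {
        $template->load($id);
    } else {
        // No stored template: type, text and styles come straight from the request.
        $template->setTemplateType($this->getRequest()->getParam('type'));
        $template->setTemplateText($this->getRequest()->getParam('text'));
        $template->setTemplateStyles($this->getRequest()->getParam('styles'));
    }

    // The filter is applied to the raw template text, i.e. before processing.
    // NOTE(review): markup produced while the template is processed is returned
    // without a second filter pass (only the plain-text branch escapes it) —
    // confirm the rendering context treats this output as untrusted.
    $template->setTemplateText($this->_maliciousCode->filter($template->getTemplateText()));

    \Magento\Framework\Profiler::start($this->profilerName);
    try {
        $template->emulateDesign($storeId);
        try {
            $templateProcessed = $this->_appState->emulateAreaCode(
                \Magento\Email\Model\AbstractTemplate::DEFAULT_DESIGN_AREA,
                [$template, 'getProcessedTemplate']
            );
        } finally {
            // Always undo the design emulation, so a failure while processing
            // does not leave the emulated design active for the rest of the request.
            $template->revertDesign();
        }

        if ($template->isPlain()) {
            // Plain-text templates are shown verbatim, so escape them for HTML.
            $templateProcessed = "<pre>" . htmlspecialchars($templateProcessed) . "</pre>";
        }
    } finally {
        // Stop the timer even when processing throws, so start/stop stay balanced.
        \Magento\Framework\Profiler::stop($this->profilerName);
    }

    return $templateProcessed;
}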
/**
 * Pass content through the malicious-code filter before it is inserted into an email.
 *
 * This is a thin delegate: the value is handed to the injected filter's filter()
 * method and the result is returned unchanged.
 *
 * @param string|array $content
 * @return string|array
 */
public function getFilteredContent($content)
{
    $filtered = $this->_maliciousCode->filter($content);

    return $filtered;
}
/**
 * Check that getFilteredContent() hands its argument to the filter exactly once
 * and returns whatever the filter produced.
 *
 * @dataProvider testGetFilteredContentDataProvider
 * @param $contentToFilter
 * @param $contentFiltered
 */
public function testGetFilteredContent($contentToFilter, $contentFiltered)
{
    // The mocked filter must be called once, with the unmodified input.
    $filterCall = $this->_filter->expects($this->once());
    $filterCall->method('filter')
        ->with($contentToFilter)
        ->will($this->returnValue($contentFiltered));

    $actual = $this->_block->getFilteredContent($contentToFilter);

    $this->assertEquals($contentFiltered, $actual);
}
/**
 * Ensure that custom filtration regular expressions replace existing ones.
 *
 * Per the assertion message, setExpressions() swaps out the native patterns
 * rather than adding to them, so after the call only the supplied expressions
 * are applied to the input.
 */
public function testSetExpression()
{
    $customExpression = '/<\\/?(customMalicious).*>/Uis';
    $input = "Custom \tmalicious tag\t\t is removed <customMalicious>customMalicious</customMalicious>";
    // Only the custom tags are stripped; the tabs and the tag's inner text remain.
    $expected = "Custom \tmalicious tag\t\t is removed customMalicious";

    $this->filter->setExpressions([$customExpression]);
    $actual = $this->filter->filter($input);

    $this->assertEquals(
        $expected,
        $actual,
        'Native filters should have been replaced with custom ones.'
    );
}