8000 feature #16201 [Yaml] deprecated non-escaped \ in double-quoted strin… · symfony/symfony@77f5141 · GitHub
[go: up one dir, main page]
Skip to content

Commit 77f5141

Browse files
fabpotfabpot
committed
feature #16201 [Yaml] deprecated non-escaped \ in double-quoted strings when parsing (fabpot)
This PR was merged into the 2.8 branch. Discussion ---------- [Yaml] deprecated non-escaped \ in double-quoted strings when parsing | Q | A | ------------- | --- | Bug fix? | yes | New feature? | yes | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a According to the YAML specs, backslashes must be escaped when used in a double-quoted string. So, `"Foo\Var"` is not valid, `"Foo\\Var"` is. This PR deprecates the old ways so that we can throw an exception in 3.0 when parsing a non-compliant YAML string in 3.0. ping @nicolas-grekas @tucksaun Commits ------- e599a72 [Yaml] deprecated non-escaped \ in double-quoted strings when parsing
2 parents a8b119d + e599a72 commit 77f5141

File tree

4 files changed

+40
-2
lines changed

4 files changed

+40
-2
lines changed

src/Symfony/Component/Yaml/CHANGELOG.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,12 @@
11
CHANGELOG
22
=========
33

4+
2.8.0
5+
-----
6+
7+
* Deprecated non-escaped \ in double-quoted strings when parsing Yaml
8+
("Foo\Var" is not valid whereas "Foo\\Var" is)
9+
410
2.1.0
511
-----
612

src/Symfony/Component/Yaml/Tests/Fixtures/escapedCharacters.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,3 +145,11 @@ php: |
145145
array(
146146
'double' => "some value\n \"some quoted string\" and 'some single quotes one'"
147147
)
148+
---
149+
test: Backslashes
150+
yaml: |
151+
{ single: 'foo\Var', no-quotes: foo\Var, double: "foo\\Var" }
152+
php: |
153+
array(
154+
'single' => 'foo\Var', 'no-quotes' => 'foo\Var', 'double' => 'foo\Var'
155+
)

src/Symfony/Component/Yaml/Tests/InlineTest.php

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,23 @@ public function testHashStringsResemblingExponentialNumericsShouldNotBeChangedTo
7272
$this->assertSame($value, Inline::parse(Inline::dump($value)));
7373
}
7474

75+
/**
76+
* @group legacy
77+
* throws \Symfony\Component\Yaml\Exception\ParseException in 3.0
78+
*/
79+
public function testParseScalarWithNonEscapedBlackslashShouldThrowException()
80+
{
81+
$this->assertSame('Foo\Var', Inline::parse('"Foo\Var"'));
82+
}
83+
84+
/**
85+
* @expectedException \Symfony\Component\Yaml\Exception\ParseException
86+
*/
87+
public function testParseScalarWithNonEscapedBlackslashAtTheEndShouldThrowException()
88+
{
89+
Inline::parse('"Foo\\"');
90+
}
91+
7592
/**
7693
* @expectedException \Symfony\Component\Yaml\Exception\ParseException
7794
*/

src/Symfony/Component/Yaml/Unescaper.php

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ class Unescaper
3232
/**
3333
* Regex fragment that matches an escaped character in a double quoted string.
3434
*/
35-
const REGEX_ESCAPED_CHARACTER = "\\\\([0abt\tnvfre \\\"\\/\\\\N_LP]|x[0-9a-fA-F]{2}|u[0-9a-fA-F]{4}|U[0-9a-fA-F]{8})";
35+
const REGEX_ESCAPED_CHARACTER = "\\\\(x[0-9a-fA-F]{2}|u[0-9a-fA-F]{4}|U[0-9a-fA-F]{8}|.)";
3636

3737
/**
3838
* Unescapes a single quoted string.
@@ -70,10 +70,13 @@ public function unescapeDoubleQuotedString($value)
7070
* @param string $value An escaped character
7171
*
7272
* @return string The unescaped character
73+
*
74+
* @internal This method is public to be usable as callback. It should not
75+
* be used in user code. Should be changed in 3.0.
7376
*/
7477
public function unescapeCharacter($value)
7578
{
76-
switch ($value{1}) {
79+
switch ($value[1]) {
7780
case '0':
7881
return "\x0";
7982
case 'a':
@@ -120,6 +123,10 @@ public function unescapeCharacter($value)
120123
return self::utf8chr(hexdec(substr($value, 2, 4)));
121124
case 'U':
122125
return self::utf8chr(hexdec(substr($value, 2, 8)));
126+
default:
127+
@trigger_error('Not escaping a backslash in a double-quoted string is deprecated since Symfony 2.8 and will throw a ParseException in 3.0.', E_USER_DEPRECATED);
128+
129+
return $value;
123130
}
124131
}
125132

0 commit comments

Comments
 (0)
0