Escaping Blade directives
AlexMordred opened this issue · 1 comments
It doesn't fully escape Blade directives. I wanted to include a piece of a Blade template as code inside a blog post. After saving the data and trying to access the blog post page I just saw a blank white screen, same with the edit page where I have this inside a textarea. Had to delete the directives manually from the DB to restore the website.
This is the piece of the template:
@if (session('notification'))
<notification type="{{ session('notificationType') }}" message="{{ session('notification') }}"></notification>
@elseif (session('status'))
<notification type="alert-primary" message="{{ session('status') }}"></notification>
@else
<notification></notification>
@endif
I tested it and it seems that the curly braces is what doesn't get escaped and Blade processes it.
So I added an str_replace in the Parsedown class to replace '{' with HTML ASCII and still was getting the same blank page even though the replacement did work. Then I realized it was actuallu Vue.js parsing those curly braces and giving me an error... I guess that has nothing to do with this package directly.