Sanitize request input before passing it to expression language evalu…

…ator
Sylius · Aug 14, 2020 · f897346 · f897346
1 parent 1bea002
commit f897346
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/Bundle/Grid/Parser/OptionsParser.php b/src/Bundle/Grid/Parser/OptionsParser.php
@@ -79,7 +79,7 @@ private function parseOptionExpression(string $expression, Request $request)
         $expression = (string) preg_replace_callback('/\$(\w+)/', function (array $matches) use ($request) {
             $variable = $request->get($matches[1]);
 
-            return is_string($variable) ? sprintf('"%s"', $variable) : $variable;
+            return is_string($variable) ? sprintf('"%s"', addslashes($variable)) : $variable;
         }, $expression);
 
         return $this->expression->evaluate($expression, ['container' => $this->container]);