include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

----
public function loadTwig()
{
  $twig = new \Twig_Environment(new \Twig_Loader_String(), [
    'autoescape' => false, // Sensitive
  ]);

  $escaper = new \Twig_Extension_Escaper(false); // Sensitive
  $twig->addExtension($escaper);
}
----

== Compliant Solution

[source,php]
----
public function loadTwig()
{
  $twig = new \Twig_Environment(new \Twig_Loader_String(), [
    'autoescape' => true, // Compliant
  ]);

  $escaper = new \Twig_Extension_Escaper(true); // Compliant
  $twig->addExtension($escaper);
}
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::../message.adoc[]

'''
== Comments And Links
(visible only on this page)

=== on 14 May 2019, 22:09:18 Lars Svensson wrote:
Reference:

https://twig.symfony.com/doc/2.x/api.html

include::../comments-and-links.adoc[]

endif::env-github,rspecator-view[]