Hi there,
i'm developing a module and i need to print a variable that contains html code in a tpl file. I know that i can use "nofilter" to do this (i.e. {$var nofilter})
When i try to validate the module (on validator.prestashop.com), in the security tab, there is this error: "Removing variable escaping is highly discouraged because malicious code can be displayed and executed". If i remove "nofilter", the variable is print as plain text. For example:
in module class
$var = "<p>test string</p>"; $this->context->smarty->assign(['var'=>$var]);
in tpl file
{$var nofilter} <!-- output: test string --> {$var|escape:'html':'UTF-8'} <!-- output: <p>test string</p> -->
How can i solve the validation error? Can i submit the module on the marketplace also with this error?
I'm using PrestaShop version 1.7.6.3
Thanks in advance