minor #6365 Tweaked the feature that allows to render HTML contents i…

…n associations (javiereguiluz)

This PR was merged into the 4.x branch.

Discussion
----------

Tweaked the feature that allows to render HTML contents in associations

This continues #6090 and renames a method to match the naming used in other fields.

Commits
-------

70122a8 Tweaked the feature that allows to render HTML contents in associations

doc/fields/AssociationField.rst

@@ -82,6 +82,16 @@ pass the fully-qualified class name of the controller as the first argument::
         CategoryCrudController::class, 'create_category_inside_an_article', 'edit_category_inside_an_article'
     );
 
+``renderAsHtml``
+~~~~~~~~~~~~~~~~
+
+By default, the HTML contents of the items displayed in the select lists are
+escaped to avoid security issues like `XSS`_. If you need to render custom HTML
+contents and you are certain that they are safe to display "as is", set this
+option to not escape those contents::
+
+    yield AssociationField::new('...')->renderAsHtml();
+
 ``setCrudController``
 ~~~~~~~~~~~~~~~~~~~~~
 
@@ -146,3 +156,4 @@ associated entity::
 .. _`EntityType`: https://symfony.com/doc/current/reference/forms/types/entity.html
 .. _`query_builder option`: https://symfony.com/doc/current/reference/forms/types/entity.html#query-builder
 .. _`value object`: https://en.wikipedia.org/wiki/Value_object
+.. _`XSS`: https://en.wikipedia.org/wiki/Cross-site_scripting

src/Field/AssociationField.php

@@ -108,9 +108,9 @@ public function setSortProperty(string $orderProperty): self
         return $this;
     }
 
-    public function escapeHtml(bool $escape = true): self
+    public function renderAsHtml(bool $asHtml = true): self
     {
-        $this->setCustomOption(self::OPTION_ESCAPE_HTML_CONTENTS, $escape);
+        $this->setCustomOption(self::OPTION_ESCAPE_HTML_CONTENTS, !$asHtml);
 
         return $this;
     }