function UrlHelper::filterBadProtocol
Same name in other branches
- 9 core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::filterBadProtocol()
- 10 core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::filterBadProtocol()
- 11.x core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::filterBadProtocol()
Processes an HTML attribute value and strips dangerous protocols from URLs.
Parameters
string $string: The string with the attribute value.
Return value
string Cleaned up and HTML-escaped version of $string.
6 calls to UrlHelper::filterBadProtocol()
- CommentTokenReplaceTest::testCommentTokenReplacement in core/
modules/ comment/ tests/ src/ Functional/ CommentTokenReplaceTest.php - Creates a comment, then tests the tokens generated from it.
- FormBuilder::buildFormAction in core/
lib/ Drupal/ Core/ Form/ FormBuilder.php - Builds the $form['#action'].
- UrlHelperTest::testFilterBadProtocol in core/
tests/ Drupal/ Tests/ Component/ Utility/ UrlHelperTest.php - Tests bad protocol filtering and escaping.
- UserLoginBlock::renderPlaceholderFormAction in core/
modules/ user/ src/ Plugin/ Block/ UserLoginBlock.php - #lazy_builder callback; renders a form action URL including destination.
- Xss::attributes in core/
lib/ Drupal/ Component/ Utility/ Xss.php - Processes a string of HTML attributes.
File
-
core/
lib/ Drupal/ Component/ Utility/ UrlHelper.php, line 286
Class
- UrlHelper
- Helper class URL based methods.
Namespace
Drupal\Component\UtilityCode
public static function filterBadProtocol($string) {
// Get the plain text representation of the attribute value (i.e. its
// meaning).
$string = Html::decodeEntities($string);
return Html::escape(static::stripDangerousProtocols($string));
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.