function UrlHelper::filterBadProtocol

Same name in other branches
  1. 9 core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::filterBadProtocol()
  2. 10 core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::filterBadProtocol()
  3. 11.x core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::filterBadProtocol()

Processes an HTML attribute value and strips dangerous protocols from URLs.

Parameters

string $string: The string with the attribute value.

Return value

string Cleaned up and HTML-escaped version of $string.

6 calls to UrlHelper::filterBadProtocol()
CommentTokenReplaceTest::testCommentTokenReplacement in core/modules/comment/tests/src/Functional/CommentTokenReplaceTest.php
Creates a comment, then tests the tokens generated from it.
FormBuilder::buildFormAction in core/lib/Drupal/Core/Form/FormBuilder.php
Builds the $form['#action'].
UrlHelperTest::testFilterBadProtocol in core/tests/Drupal/Tests/Component/Utility/UrlHelperTest.php
Tests bad protocol filtering and escaping.
UserLoginBlock::renderPlaceholderFormAction in core/modules/user/src/Plugin/Block/UserLoginBlock.php
#lazy_builder callback; renders a form action URL including destination.
Xss::attributes in core/lib/Drupal/Component/Utility/Xss.php
Processes a string of HTML attributes.

... See full list

File

core/lib/Drupal/Component/Utility/UrlHelper.php, line 286

Class

UrlHelper
Helper class URL based methods.

Namespace

Drupal\Component\Utility

Code

public static function filterBadProtocol($string) {
    // Get the plain text representation of the attribute value (i.e. its
    // meaning).
    $string = Html::decodeEntities($string);
    return Html::escape(static::stripDangerousProtocols($string));
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.