You are here

Home » API reference » Drupal 10 » Standard.php » Standard

protected static function Standard::getAllowedTags in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/editor/src/EditorXssFilter/Standard.php \Drupal\editor\EditorXssFilter\Standard::getAllowedTags()
  2. 9 core/modules/editor/src/EditorXssFilter/Standard.php \Drupal\editor\EditorXssFilter\Standard::getAllowedTags()

Get all allowed tags from a restrictions data structure.

Parameters

array|false $restrictions: Restrictions as returned by FilterInterface::getHTMLRestrictions().

Return value

array An array of allowed HTML tags.

See also

\Drupal\filter\Plugin\Filter\FilterInterface::getHTMLRestrictions()

1 call to Standard::getAllowedTags()
Standard::filterXss in core/modules/editor/src/EditorXssFilter/Standard.php
Filters HTML to prevent XSS attacks when a user edits it in a text editor.

File

core/modules/editor/src/EditorXssFilter/Standard.php, line 116

Class

Standard
Defines the standard text editor XSS filter.

Namespace

Drupal\editor\EditorXssFilter

Code

protected static function getAllowedTags($restrictions) {
  if ($restrictions === FALSE || !isset($restrictions['allowed'])) {
    return [];
  }
  $allowed_tags = array_keys($restrictions['allowed']);

  // Exclude the wildcard tag, which is used to set attribute restrictions on
  // all tags simultaneously.
  $allowed_tags = array_diff($allowed_tags, [
    '*',
  ]);
  return $allowed_tags;
}