You are here

public function RestExport::render in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/rest/src/Plugin/views/display/RestExport.php \Drupal\rest\Plugin\views\display\RestExport::render()
  2. 10 core/modules/rest/src/Plugin/views/display/RestExport.php \Drupal\rest\Plugin\views\display\RestExport::render()

Renders this display.

Overrides DisplayPluginBase::render

File

core/modules/rest/src/Plugin/views/display/RestExport.php, line 447

Class

RestExport
The plugin that handles Data response callbacks for REST resources.

Namespace

Drupal\rest\Plugin\views\display

Code

public function render() {
  $build = [];
  $build['#markup'] = $this->renderer
    ->executeInRenderContext(new RenderContext(), function () {
    return $this->view->style_plugin
      ->render();
  });
  $this->view->element['#content_type'] = $this
    ->getMimeType();
  $this->view->element['#cache_properties'][] = '#content_type';

  // Encode and wrap the output in a pre tag if this is for a live preview.
  if (!empty($this->view->live_preview)) {
    $build['#prefix'] = '<pre>';
    $build['#plain_text'] = $build['#markup'];
    $build['#suffix'] = '</pre>';
    unset($build['#markup']);
  }
  else {

    // This display plugin is for returning non-HTML formats. However, we
    // still invoke the renderer to collect cacheability metadata. Because the
    // renderer is designed for HTML rendering, it filters #markup for XSS
    // unless it is already known to be safe, but that filter only works for
    // HTML. Therefore, we mark the contents as safe to bypass the filter. So
    // long as we are returning this in a non-HTML response,
    // this is safe, because an XSS attack only works when executed by an HTML
    // agent.
    // @todo Decide how to support non-HTML in the render API in
    //   https://www.drupal.org/node/2501313.
    $build['#markup'] = ViewsRenderPipelineMarkup::create($build['#markup']);
  }
  parent::applyDisplayCacheabilityMetadata($build);
  return $build;
}