You are here

public static function ContentLinksForm::validateUriElement in General Data Protection Regulation 3.0.x

Same name and namespace in other branches
  1. 8.2 src/Form/ContentLinksForm.php \Drupal\gdpr\Form\ContentLinksForm::validateUriElement()
  2. 8 src/Form/ContentLinksForm.php \Drupal\gdpr\Form\ContentLinksForm::validateUriElement()

Form element validation handler for the 'uri' element.

Disallows saving inaccessible or untrusted URLs.

File

src/Form/ContentLinksForm.php, line 218

Class

ContentLinksForm
Class ContentLinksForm.

Namespace

Drupal\gdpr\Form

Code

public static function validateUriElement($element, FormStateInterface $form_state, $form) {
  $uri = static::getUserEnteredStringAsUri($element['#value']);
  $form_state
    ->setValueForElement($element, $uri);

  // If getUserEnteredStringAsUri() mapped the entered value to a 'internal:'
  // URI , ensure the raw value begins with '/', '?' or '#'.
  // @todo '<front>' is valid input for BC reasons, may be removed by
  //   https://www.drupal.org/node/2421941
  if (parse_url($uri, PHP_URL_SCHEME) === 'internal' && 0 !== strpos($element['#value'], '<front>') && !in_array($element['#value'][0], [
    '/',
    '?',
    '#',
  ], TRUE)) {
    $form_state
      ->setError($element, t('Manually entered paths should start with /, ? or #.'));
    return;
  }
}