class LinkitXss in Linkit 8.5
Same name and namespace in other branches
- 8.4 src/Utility/LinkitXss.php \Drupal\linkit\Utility\LinkitXss
Extends the default XSS protection to simplify it for Linkit's needs.
3 files declare their use of LinkitXss
- EntityMatcher.php in src/Plugin/Linkit/Matcher/EntityMatcher.php
- FileMatcher.php in src/Plugin/Linkit/Matcher/FileMatcher.php
- TermMatcher.php in src/Plugin/Linkit/Matcher/TermMatcher.php
File
- src/Utility/LinkitXss.php, line 10
Namespace
Drupal\linkit\Utility
```php
namespace Drupal\linkit\Utility;

use Drupal\Component\Utility\Xss;

class LinkitXss extends Xss {

  /**
   * Description filter helper.
   *
   * @param string $string
   *   The string with raw HTML in it. It will be stripped of everything that
   *   can cause an XSS attack.
   *
   * @return string
   *   An XSS safe version of $string, or an empty string if $string is not
   *   valid UTF-8.
   *
   * @see \Drupal\Component\Utility\Xss::filter()
   */
  public static function descriptionFilter($string) {
    // Array union: 'img' occupies index 0, and the default tag list only
    // contributes entries at indexes that are not already set.
    return parent::filter($string, [
      'img',
    ] + Xss::getHtmlTagList());
  }

}
```
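What the array union in `descriptionFilter()` evaluates to, shown as an added example that is not Linkit's or Drupal's own code. `$defaultTags` is a constructed stand-in for the return value of `Xss::getHtmlTagList()`, and `unionAllowList()`, `mergedAllowList()` and `shadowedTags()` are hypothetical helper names.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for Xss::getHtmlTagList(): a zero-indexed list of tag
// names. The values are an assumption made for this example.
$defaultTags = ['a', 'em', 'strong', 'cite', 'blockquote', 'code',
                'ul', 'ol', 'li', 'dl', 'dt', 'dd'];

/**
 * Same expression shape as descriptionFilter(): array union. Keys already
 * present in $extra win, so defaults at those indexes are never added.
 */
function unionAllowList(array $extra, array $defaults): array {
  return $extra + $defaults;
}

/** Value-based composition: every extra and every default tag, once. */
function mergedAllowList(array $extra, array $defaults): array {
  return array_values(array_unique(array_merge($extra, $defaults)));
}

/** Default tags that are missing from the list produced by the union. */
function shadowedTags(array $extra, array $defaults): array {
  return array_values(array_diff($defaults, unionAllowList($extra, $defaults)));
}

$extra = ['img'];
$union = unionAllowList($extra, $defaultTags);
$merged = mergedAllowList($extra, $defaultTags);

printf("union  (%2d tags): %s\n", count($union), implode(', ', $union));
printf("merged (%2d tags): %s\n", count($merged), implode(', ', $merged));
printf("shadowed by union: %s\n", implode(', ', shadowedTags($extra, $defaultTags)));

// A regression check a module's test suite could carry: report when the list
// handed to the filter has lost a default tag.
if (shadowedTags($extra, $defaultTags) !== []) {
  fwrite(STDERR, "allow list composed with + drops default tags\n");
}
```

With this stand-in list the union yields 12 tags and leaves out `a`, while the merge yields 13. The page does not say whether omitting the first default tag is intended.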
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
LinkitXss:: | public static | function | Description filter helper. | |
Xss:: | protected static | property | The list of HTML tags allowed by filterAdmin(). | |
Xss:: | protected static | property | The default list of HTML tags allowed by filter(). | |
Xss:: | protected static | function | Processes a string of HTML attributes. | |
Xss:: | public static | function | Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. | |
Xss:: | public static | function | Applies a very permissive XSS/HTML filter for admin-only use. | |
Xss:: | public static | function | Gets the list of HTML tags allowed by Xss::filterAdmin(). | |
Xss:: | public static | function | Gets the standard list of HTML tags allowed by Xss::filter(). | |
Xss:: | protected static | function | Whether this element needs to be removed altogether. | 1 |
Xss:: | protected static | function | Processes an HTML tag. | |