public function InputFormats::help in Security Review 8

Returns the check-specific help page.

Return value

array The render array of the check's help page.

Overrides Check::help

File

src/Checks/InputFormats.php, line 100

Class

InputFormats
Checks for vulnerabilities related to input formats.

Namespace

Drupal\security_review\Checks

Code

public function help() {
  // Link and Url are Drupal\Core\Link and Drupal\Core\Url.
  $paragraphs = [];
  // Explains why the HTML Filter matters for formats open to untrusted users.
  $paragraphs[] = $this->t("Certain HTML tags can allow an attacker to take control of your site. Drupal's input format system makes use of a set of filters to run on incoming text. The 'HTML Filter' strips out harmful tags and Javascript events and should be used on all formats accessible by untrusted users.");
  // Link to the handbook page on input formats.
  $paragraphs[] = new Link($this->t("Read more about Drupal's input formats in the handbooks."), Url::fromUri('http://drupal.org/node/224921'));
  // Render array consumed by the check_help theme hook.
  return [
    '#theme' => 'check_help',
    '#title' => $this->t('Allowed HTML tags in text formats'),
    '#paragraphs' => $paragraphs,
  ];
}
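
The rule stated in the help text can be sketched as a stand-alone audit over text format definitions. This is an added example, not Security Review's own code: the `roles` key, the `UNSAFE_TAGS` list, the function names and the sample formats are assumptions constructed for illustration, and the `filters` / `filter_html` / `allowed_html` layout follows exported text format configuration.

```php
<?php
// Added example, not Security Review code. All data below is constructed.
// Assumption: an illustrative list of tags treated as unsafe for untrusted input.
const UNSAFE_TAGS = ['script', 'iframe', 'object', 'embed', 'style', 'link', 'meta', 'form'];

// Extracts lower-cased tag names from an allowed_html string such as "<a href> <em>".
function allowed_tags(string $allowed_html): array {
  preg_match_all('/<\s*([a-zA-Z][a-zA-Z0-9-]*)/', $allowed_html, $matches);
  return array_values(array_unique(array_map('strtolower', $matches[1])));
}

// Returns findings keyed by format ID, for formats that untrusted roles can use.
function audit_formats(array $formats, array $untrusted_roles): array {
  $findings = [];
  foreach ($formats as $id => $format) {
    // Formats that no untrusted role can use are out of scope for this check.
    if (!array_intersect($format['roles'] ?? [], $untrusted_roles)) {
      continue;
    }
    $html_filter = $format['filters']['filter_html'] ?? NULL;
    if (empty($html_filter['status'])) {
      $findings[$id][] = 'HTML Filter is not enabled';
      continue;
    }
    // The filter is on, but its allow-list may still admit dangerous tags.
    $allowed = allowed_tags($html_filter['settings']['allowed_html'] ?? '');
    $unsafe = array_intersect($allowed, UNSAFE_TAGS);
    if ($unsafe) {
      $findings[$id][] = 'unsafe tags allowed: ' . implode(', ', $unsafe);
    }
  }
  return $findings;
}

// Constructed sample formats; 'roles' is a simplified stand-in for role permissions.
$formats = [
  'basic_html' => ['roles' => ['authenticated'], 'filters' => ['filter_html' => ['status' => TRUE,
    'settings' => ['allowed_html' => '<a href hreflang> <em> <strong> <p> <br>']]]],
  'comment_html' => ['roles' => ['anonymous', 'authenticated'], 'filters' => ['filter_html' => ['status' => TRUE,
    'settings' => ['allowed_html' => '<a href> <p> <iframe src> <script>']]]],
  'plain_import' => ['roles' => ['anonymous'], 'filters' => ['filter_html' => ['status' => FALSE]]],
  'full_html' => ['roles' => ['administrator'], 'filters' => []],
];
print_r(audit_formats($formats, ['anonymous', 'authenticated']));
```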