public function TrustedHosts::help in Security Review 8

Returns the check-specific help page.

Return value

array The render array of the check's help page.

Overrides Check::help

File

src/Checks/TrustedHosts.php, line 116

Class

TrustedHosts: Checks for base_url and trusted_host_patterns settings in settings.php.

Namespace

Drupal\security_review\Checks

Code

public function help() {
  $paragraphs = [];
  $paragraphs[] = $this
    ->t('Often Drupal needs to know the URL(s) it is responding from in order to build full links back to itself (e.g. password reset links sent via email). Until you explicitly tell Drupal what full or partial URL(s) it should respond for it must dynamically detect it based on the incoming request, something that can be malicously spoofed in order to trick someone into unknowningly visiting an attacker\'s site (known as a HTTP host header attack).');
  return [
    '#theme' => 'check_help',
    '#title' => $this
      ->t('Drupal trusted hosts'),
    '#paragraphs' => $paragraphs,
  ];
}

You are here

public function TrustedHosts::help in Security Review 8

Return value

File

Class

Namespace

Code

API Navigation