当前位置: 首页>>代码示例>>PHP>>正文


PHP Xss::getAdminTagList方法代码示例

本文整理汇总了PHP中Drupal\Component\Utility\Xss::getAdminTagList方法的典型用法代码示例。如果您正苦于以下问题:PHP Xss::getAdminTagList方法的具体用法?PHP Xss::getAdminTagList怎么用?PHP Xss::getAdminTagList使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Drupal\Component\Utility\Xss的用法示例。


在下文中一共展示了Xss::getAdminTagList方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: build

 /**
  * {@inheritdoc}
  */
 public function build()
 {
     $this->view->display_handler->preBlockBuild($this);
     if ($output = $this->view->buildRenderable($this->displayID, [], FALSE)) {
         // Override the label to the dynamic title configured in the view.
         if (empty($this->configuration['views_label']) && $this->view->getTitle()) {
             // @todo https://www.drupal.org/node/2527360 remove call to SafeMarkup.
             $output['#title'] = SafeMarkup::xssFilter($this->view->getTitle(), Xss::getAdminTagList());
         }
         // Before returning the block output, convert it to a renderable array
         // with contextual links.
         $this->addContextualLinks($output);
         return $output;
     }
     return array();
 }
开发者ID:nsp15,项目名称:Drupal8,代码行数:19,代码来源:ViewsBlock.php

示例2: ensureMarkupIsSafe

 /**
  * Escapes #plain_text or filters #markup as required.
  *
  * Drupal uses Twig's auto-escape feature to improve security. This feature
  * automatically escapes any HTML that is not known to be safe. Due to this
  * the render system needs to ensure that all markup it generates is marked
  * safe so that Twig does not do any additional escaping.
  *
  * By default all #markup is filtered to protect against XSS using the admin
  * tag list. Render arrays can alter the list of tags allowed by the filter
  * using the #allowed_tags property. This value should be an array of tags
  * that Xss::filter() would accept. Render arrays can escape text instead
  * of XSS filtering by setting the #plain_text property instead of #markup. If
  * #plain_text is used #allowed_tags is ignored.
  *
  * @param array $elements
  *   A render array with #markup set.
  *
  * @return \Drupal\Component\Render\MarkupInterface|string
  *   The escaped markup wrapped in a Markup object. If
  *   SafeMarkup::isSafe($elements['#markup']) returns TRUE, it won't be
  *   escaped or filtered again.
  *
  * @see \Drupal\Component\Utility\Html::escape()
  * @see \Drupal\Component\Utility\Xss::filter()
  * @see \Drupal\Component\Utility\Xss::adminFilter()
  */
 protected function ensureMarkupIsSafe(array $elements)
 {
     if (empty($elements['#markup']) && empty($elements['#plain_text'])) {
         return $elements;
     }
     if (!empty($elements['#plain_text'])) {
         $elements['#markup'] = Markup::create(Html::escape($elements['#plain_text']));
     } elseif (!SafeMarkup::isSafe($elements['#markup'])) {
         // The default behaviour is to XSS filter using the admin tag list.
         $tags = isset($elements['#allowed_tags']) ? $elements['#allowed_tags'] : Xss::getAdminTagList();
         $elements['#markup'] = Markup::create(Xss::filter($elements['#markup'], $tags));
     }
     return $elements;
 }
开发者ID:ddrozdik,项目名称:dmaps,代码行数:41,代码来源:Renderer.php

示例3: execute

 /**
  * Overrides \Drupal\views\Plugin\views\display\PathPluginBase::execute().
  */
 public function execute()
 {
     parent::execute();
     // And now render the view.
     $render = $this->view->render();
     // First execute the view so it's possible to get tokens for the title.
     // And the title, which is much easier.
     // @todo Figure out how to support custom response objects. Maybe for pages
     //   it should be dropped.
     if (is_array($render)) {
         $render += array('#title' => SafeMarkup::xssFilter($this->view->getTitle(), Xss::getAdminTagList()));
     }
     return $render;
 }
开发者ID:nsp15,项目名称:Drupal8,代码行数:17,代码来源:Page.php


注:本文中的Drupal\Component\Utility\Xss::getAdminTagList方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。