當前位置: 首頁>>代碼示例>>PHP>>正文


PHP SafeMarkup::isSafe方法代碼示例

本文整理匯總了PHP中Drupal\Component\Utility\SafeMarkup::isSafe方法的典型用法代碼示例。如果您正苦於以下問題:PHP SafeMarkup::isSafe方法的具體用法?PHP SafeMarkup::isSafe怎麽用?PHP SafeMarkup::isSafe使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在Drupal\Component\Utility\SafeMarkup的用法示例。


在下文中一共展示了SafeMarkup::isSafe方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: testRenderCacheProperties

  /**
   * Tests that #cache_properties are properly handled.
   *
   * @param array $expected_results
   *   An associative array of expected results keyed by property name.
   *
   * @covers ::render
   * @covers ::doRender
   * @covers \Drupal\Core\Render\RenderCache::get
   * @covers \Drupal\Core\Render\RenderCache::set
   * @covers \Drupal\Core\Render\RenderCache::createCacheID
   * @covers \Drupal\Core\Render\RenderCache::getCacheableRenderArray
   *
   * @dataProvider providerTestRenderCacheProperties
   */
  public function testRenderCacheProperties(array $expected_results) {
    $this->setUpRequest();
    $this->setupMemoryCache();

    $element = $original = [
      '#cache' => [
        'keys' => ['render_cache_test'],
      ],
      // Collect expected property names.
      '#cache_properties' => array_keys(array_filter($expected_results)),
      'child1' => ['#markup' => Markup::create('1')],
      'child2' => ['#markup' => Markup::create('2')],
      // Mark the value as safe.
      '#custom_property' => Markup::create('custom_value'),
      '#custom_property_array' => ['custom value'],
    ];

    $this->renderer->renderRoot($element);

    $cache = $this->cacheFactory->get('render');
    $data = $cache->get('render_cache_test:en:stark')->data;

    // Check that parent markup is ignored when caching children's markup.
    $this->assertEquals($data['#markup'] === '', (bool) Element::children($data));

    // Check that the element properties are cached as specified.
    foreach ($expected_results as $property => $expected) {
      $cached = !empty($data[$property]);
      $this->assertEquals($cached, (bool) $expected);
      // Check that only the #markup key is preserved for children.
      if ($cached) {
        $this->assertEquals($data[$property], $original[$property]);
      }
    }
    // #custom_property_array can not be a safe_cache_property.
    $safe_cache_properties = array_diff(Element::properties(array_filter($expected_results)), ['#custom_property_array']);
    foreach ($safe_cache_properties as $cache_property) {
      $this->assertTrue(SafeMarkup::isSafe($data[$cache_property]), "$cache_property is marked as a safe string");
    }
  }
開發者ID:komejo,項目名稱:article-test,代碼行數:55,代碼來源:RendererTest.php

示例2: testRediscover

 /**
  * Tests the rediscovering.
  */
 public function testRediscover()
 {
     \Drupal::state()->set('menu_link_content_dynamic_route.routes', ['route_name_1' => new Route('/example-path')]);
     \Drupal::service('router.builder')->rebuild();
     // Set up a custom menu link pointing to a specific path.
     MenuLinkContent::create(['title' => '<script>alert("Welcome to the discovered jungle!")</script>', 'link' => [['uri' => 'internal:/example-path']], 'menu_name' => 'tools'])->save();
     $menu_tree = \Drupal::menuTree()->load('tools', new MenuTreeParameters());
     $this->assertEqual(1, count($menu_tree));
     /** @var \Drupal\Core\Menu\MenuLinkTreeElement $tree_element */
     $tree_element = reset($menu_tree);
     $this->assertEqual('route_name_1', $tree_element->link->getRouteName());
     // Change the underlying route and trigger the rediscovering.
     \Drupal::state()->set('menu_link_content_dynamic_route.routes', ['route_name_2' => new Route('/example-path')]);
     \Drupal::service('router.builder')->rebuild();
     // Ensure that the new route name / parameters are captured by the tree.
     $menu_tree = \Drupal::menuTree()->load('tools', new MenuTreeParameters());
     $this->assertEqual(1, count($menu_tree));
     /** @var \Drupal\Core\Menu\MenuLinkTreeElement $tree_element */
     $tree_element = reset($menu_tree);
     $this->assertEqual('route_name_2', $tree_element->link->getRouteName());
     $title = $tree_element->link->getTitle();
     $this->assertFalse($title instanceof TranslationWrapper);
     $this->assertIdentical('<script>alert("Welcome to the discovered jungle!")</script>', $title);
     $this->assertFalse(SafeMarkup::isSafe($title));
 }
開發者ID:nsp15,項目名稱:Drupal8,代碼行數:28,代碼來源:MenuLinkContentDeriverTest.php

示例3: testBuildRowEntityList

 /**
  * Tests the listing of displays on a views list builder.
  *
  * @see \Drupal\views_ui\ViewListBuilder::getDisplaysList()
  * @covers ::buildRow
  */
 public function testBuildRowEntityList()
 {
     $storage = $this->getMockBuilder('Drupal\\Core\\Config\\Entity\\ConfigEntityStorage')->disableOriginalConstructor()->getMock();
     $display_manager = $this->getMockBuilder('\\Drupal\\views\\Plugin\\ViewsPluginManager')->disableOriginalConstructor()->getMock();
     $display_manager->expects($this->any())->method('getDefinition')->will($this->returnValueMap(array(array('default', TRUE, array('id' => 'default', 'title' => 'Master', 'theme' => 'views_view', 'no_ui' => TRUE, 'admin' => '')), array('page', TRUE, array('id' => 'page', 'title' => 'Page', 'uses_menu_links' => TRUE, 'uses_route' => TRUE, 'contextual_links_locations' => array('page'), 'theme' => 'views_view', 'admin' => 'Page admin label')), array('embed', TRUE, array('id' => 'embed', 'title' => 'embed', 'theme' => 'views_view', 'admin' => 'Embed admin label')))));
     $default_display = $this->getMock('Drupal\\views\\Plugin\\views\\display\\DefaultDisplay', array('initDisplay'), array(array(), 'default', $display_manager->getDefinition('default')));
     $route_provider = $this->getMock('Drupal\\Core\\Routing\\RouteProviderInterface');
     $state = $this->getMock('\\Drupal\\Core\\State\\StateInterface');
     $menu_storage = $this->getMock('\\Drupal\\Core\\Entity\\EntityStorageInterface');
     $page_display = $this->getMock('Drupal\\views\\Plugin\\views\\display\\Page', array('initDisplay', 'getPath'), array(array(), 'default', $display_manager->getDefinition('page'), $route_provider, $state, $menu_storage));
     $page_display->expects($this->any())->method('getPath')->will($this->onConsecutiveCalls($this->returnValue('test_page'), $this->returnValue('<object>malformed_path</object>'), $this->returnValue('<script>alert("placeholder_page/%")</script>')));
     $embed_display = $this->getMock('Drupal\\views\\Plugin\\views\\display\\Embed', array('initDisplay'), array(array(), 'default', $display_manager->getDefinition('embed')));
     $values = array();
     $values['status'] = FALSE;
     $values['display']['default']['id'] = 'default';
     $values['display']['default']['display_title'] = 'Display';
     $values['display']['default']['display_plugin'] = 'default';
     $values['display']['page_1']['id'] = 'page_1';
     $values['display']['page_1']['display_title'] = 'Page 1';
     $values['display']['page_1']['display_plugin'] = 'page';
     $values['display']['page_1']['display_options']['path'] = 'test_page';
     $values['display']['page_2']['id'] = 'page_2';
     $values['display']['page_2']['display_title'] = 'Page 2';
     $values['display']['page_2']['display_plugin'] = 'page';
     $values['display']['page_2']['display_options']['path'] = '<object>malformed_path</object>';
     $values['display']['page_3']['id'] = 'page_3';
     $values['display']['page_3']['display_title'] = 'Page 3';
     $values['display']['page_3']['display_plugin'] = 'page';
     $values['display']['page_3']['display_options']['path'] = '<script>alert("placeholder_page/%")</script>';
     $values['display']['embed']['id'] = 'embed';
     $values['display']['embed']['display_title'] = 'Embedded';
     $values['display']['embed']['display_plugin'] = 'embed';
     $display_manager->expects($this->any())->method('createInstance')->will($this->returnValueMap(array(array('default', $values['display']['default'], $default_display), array('page', $values['display']['page_1'], $page_display), array('page', $values['display']['page_2'], $page_display), array('page', $values['display']['page_3'], $page_display), array('embed', $values['display']['embed'], $embed_display))));
     $container = new ContainerBuilder();
     $user = $this->getMock('Drupal\\Core\\Session\\AccountInterface');
     $request_stack = new RequestStack();
     $request_stack->push(new Request());
     $views_data = $this->getMockBuilder('Drupal\\views\\ViewsData')->disableOriginalConstructor()->getMock();
     $route_provider = $this->getMock('Drupal\\Core\\Routing\\RouteProviderInterface');
     $executable_factory = new ViewExecutableFactory($user, $request_stack, $views_data, $route_provider);
     $container->set('views.executable', $executable_factory);
     $container->set('plugin.manager.views.display', $display_manager);
     \Drupal::setContainer($container);
     // Setup a view list builder with a mocked buildOperations method,
     // because t() is called on there.
     $entity_type = $this->getMock('Drupal\\Core\\Entity\\EntityTypeInterface');
     $view_list_builder = new TestViewListBuilder($entity_type, $storage, $display_manager);
     $view_list_builder->setStringTranslation($this->getStringTranslationStub());
     $view = new View($values, 'view');
     $row = $view_list_builder->buildRow($view);
     $expected_displays = array('Embed admin label', 'Page admin label', 'Page admin label', 'Page admin label');
     $this->assertEquals($expected_displays, $row['data']['view_name']['data']['#displays']);
     $display_paths = $row['data']['path']['data']['#items'];
     // These values will be escaped by Twig when rendered.
     $this->assertEquals('/test_page, /<object>malformed_path</object>, /<script>alert("placeholder_page/%")</script>', implode(', ', $display_paths));
     $this->assertFalse(SafeMarkup::isSafe('/<object>malformed_path</object>'), '/<script>alert("/<object>malformed_path</object> is not marked safe.');
     $this->assertFalse(SafeMarkup::isSafe('/<script>alert("placeholder_page/%")'), '/<script>alert("/<script>alert("placeholder_page/%") is not marked safe.');
 }
開發者ID:ddrozdik,項目名稱:dmaps,代碼行數:64,代碼來源:ViewListBuilderTest.php

示例4: testFormatPlural

 /**
  * @dataProvider providerTestFormatPlural
  */
 public function testFormatPlural($count, $singular, $plural, array $args = array(), array $options = array(), $expected)
 {
     $translator = $this->getMock('\\Drupal\\Core\\StringTranslation\\Translator\\TranslatorInterface');
     $translator->expects($this->once())->method('getStringTranslation')->will($this->returnCallback(function ($langcode, $string) {
         return $string;
     }));
     $this->translationManager->addTranslator($translator);
     $result = $this->translationManager->formatPlural($count, $singular, $plural, $args, $options);
     $this->assertEquals($expected, $result);
     $this->assertTrue(SafeMarkup::isSafe($result));
 }
開發者ID:HakS,項目名稱:drupal8_training,代碼行數:14,代碼來源:TranslationManagerTest.php

示例5: testRediscover

 /**
  * Tests the rediscovering.
  */
 public function testRediscover()
 {
     \Drupal::state()->set('menu_link_content_dynamic_route.routes', ['route_name_1' => new Route('/example-path')]);
     \Drupal::service('router.builder')->rebuild();
     // Set up a custom menu link pointing to a specific path.
     $parent = MenuLinkContent::create(['title' => '<script>alert("Welcome to the discovered jungle!")</script>', 'link' => [['uri' => 'internal:/example-path']], 'menu_name' => 'tools']);
     $parent->save();
     $menu_tree = \Drupal::menuTree()->load('tools', new MenuTreeParameters());
     $this->assertEqual(1, count($menu_tree));
     /** @var \Drupal\Core\Menu\MenuLinkTreeElement $tree_element */
     $tree_element = reset($menu_tree);
     $this->assertEqual('route_name_1', $tree_element->link->getRouteName());
     // Change the underlying route and trigger the rediscovering.
     \Drupal::state()->set('menu_link_content_dynamic_route.routes', ['route_name_2' => new Route('/example-path')]);
     \Drupal::service('router.builder')->rebuild();
     // Ensure that the new route name / parameters are captured by the tree.
     $menu_tree = \Drupal::menuTree()->load('tools', new MenuTreeParameters());
     $this->assertEqual(1, count($menu_tree));
     /** @var \Drupal\Core\Menu\MenuLinkTreeElement $tree_element */
     $tree_element = reset($menu_tree);
     $this->assertEqual('route_name_2', $tree_element->link->getRouteName());
     $title = $tree_element->link->getTitle();
     $this->assertFalse($title instanceof TranslatableMarkup);
     $this->assertIdentical('<script>alert("Welcome to the discovered jungle!")</script>', $title);
     $this->assertFalse(SafeMarkup::isSafe($title));
     // Create a hierarchy.
     \Drupal::state()->set('menu_link_content_dynamic_route.routes', ['route_name_1' => new Route('/example-path'), 'route_name_2' => new Route('/example-path/child')]);
     $child = MenuLinkContent::create(['title' => 'Child', 'link' => [['uri' => 'entity:/example-path/child']], 'menu_name' => 'tools', 'parent' => 'menu_link_content:' . $parent->uuid()]);
     $child->save();
     $parent->set('link', [['uri' => 'entity:/example-path']]);
     $parent->save();
     $menu_tree = \Drupal::menuTree()->load('tools', new MenuTreeParameters());
     $this->assertEqual(1, count($menu_tree));
     /** @var \Drupal\Core\Menu\MenuLinkTreeElement $tree_element */
     $tree_element = reset($menu_tree);
     $this->assertTrue($tree_element->hasChildren);
     $this->assertEqual(1, count($tree_element->subtree));
     // Edit child element link to use 'internal' instead of 'entity'.
     $child->set('link', [['uri' => 'internal:/example-path/child']]);
     $child->save();
     \Drupal::service('plugin.manager.menu.link')->rebuild();
     $menu_tree = \Drupal::menuTree()->load('tools', new MenuTreeParameters());
     $this->assertEqual(1, count($menu_tree));
     /** @var \Drupal\Core\Menu\MenuLinkTreeElement $tree_element */
     $tree_element = reset($menu_tree);
     $this->assertTrue($tree_element->hasChildren);
     $this->assertEqual(1, count($tree_element->subtree));
 }
開發者ID:ddrozdik,項目名稱:dmaps,代碼行數:51,代碼來源:MenuLinkContentDeriverTest.php

示例6: testCommentPreview

 /**
  * Tests comment preview.
  */
 function testCommentPreview()
 {
     // As admin user, configure comment settings.
     $this->drupalLogin($this->adminUser);
     $this->setCommentPreview(DRUPAL_OPTIONAL);
     $this->setCommentForm(TRUE);
     $this->setCommentSubject(TRUE);
     $this->setCommentSettings('default_mode', CommentManagerInterface::COMMENT_MODE_THREADED, 'Comment paging changed.');
     $this->drupalLogout();
     // Login as web user.
     $this->drupalLogin($this->webUser);
     // Test escaping of the username on the preview form.
     \Drupal::service('module_installer')->install(['user_hooks_test']);
     \Drupal::state()->set('user_hooks_test_user_format_name_alter', TRUE);
     $edit = array();
     $edit['subject[0][value]'] = $this->randomMachineName(8);
     $edit['comment_body[0][value]'] = $this->randomMachineName(16);
     $this->drupalPostForm('node/' . $this->node->id(), $edit, t('Preview'));
     $this->assertEscaped('<em>' . $this->webUser->id() . '</em>');
     \Drupal::state()->set('user_hooks_test_user_format_name_alter_safe', TRUE);
     $this->drupalPostForm('node/' . $this->node->id(), $edit, t('Preview'));
     $this->assertTrue(SafeMarkup::isSafe($this->webUser->getDisplayName()), 'Username is marked safe');
     $this->assertNoEscaped('<em>' . $this->webUser->id() . '</em>');
     $this->assertRaw('<em>' . $this->webUser->id() . '</em>');
     // Add a user picture.
     $image = current($this->drupalGetTestFiles('image'));
     $user_edit['files[user_picture_0]'] = drupal_realpath($image->uri);
     $this->drupalPostForm('user/' . $this->webUser->id() . '/edit', $user_edit, t('Save'));
     // As the web user, fill in the comment form and preview the comment.
     $this->drupalPostForm('node/' . $this->node->id(), $edit, t('Preview'));
     // Check that the preview is displaying the title and body.
     $this->assertTitle(t('Preview comment | Drupal'), 'Page title is "Preview comment".');
     $this->assertText($edit['subject[0][value]'], 'Subject displayed.');
     $this->assertText($edit['comment_body[0][value]'], 'Comment displayed.');
     // Check that the title and body fields are displayed with the correct values.
     $this->assertFieldByName('subject[0][value]', $edit['subject[0][value]'], 'Subject field displayed.');
     $this->assertFieldByName('comment_body[0][value]', $edit['comment_body[0][value]'], 'Comment field displayed.');
     // Check that the user picture is displayed.
     $this->assertFieldByXPath("//article[contains(@class, 'preview')]//div[contains(@class, 'user-picture')]//img", NULL, 'User picture displayed.');
 }
開發者ID:ddrozdik,項目名稱:dmaps,代碼行數:43,代碼來源:CommentPreviewTest.php

示例7: testHookLinkAlter

 /**
  * Tests how hook_link_alter() can affect escaping of the link text.
  */
 function testHookLinkAlter()
 {
     $url = Url::fromUri('http://example.com');
     $renderer = \Drupal::service('renderer');
     $link = $renderer->executeInRenderContext(new RenderContext(), function () use($url) {
         return \Drupal::l(['#markup' => '<em>link with markup</em>'], $url);
     });
     $this->setRawContent($link);
     $this->assertTrue(SafeMarkup::isSafe($link), 'The output of link generation is marked safe as it is a link.');
     // Ensure the content of the link is not escaped.
     $this->assertRaw('<em>link with markup</em>');
     // Test just adding text to an already safe string.
     \Drupal::state()->set('link_generation_test_link_alter', TRUE);
     $link = $renderer->executeInRenderContext(new RenderContext(), function () use($url) {
         return \Drupal::l(['#markup' => '<em>link with markup</em>'], $url);
     });
     $this->setRawContent($link);
     $this->assertTrue(SafeMarkup::isSafe($link), 'The output of link generation is marked safe as it is a link.');
     // Ensure the content of the link is escaped.
     $this->assertEscaped('<em>link with markup</em> <strong>Test!</strong>');
     // Test passing a safe string to t().
     \Drupal::state()->set('link_generation_test_link_alter_safe', TRUE);
     $link = $renderer->executeInRenderContext(new RenderContext(), function () use($url) {
         return \Drupal::l(['#markup' => '<em>link with markup</em>'], $url);
     });
     $this->setRawContent($link);
     $this->assertTrue(SafeMarkup::isSafe($link), 'The output of link generation is marked safe as it is a link.');
     // Ensure the content of the link is escaped.
     $this->assertRaw('<em>link with markup</em> <strong>Test!</strong>');
     // Test passing an unsafe string to t().
     $link = $renderer->executeInRenderContext(new RenderContext(), function () use($url) {
         return \Drupal::l('<em>link with markup</em>', $url);
     });
     $this->setRawContent($link);
     $this->assertTrue(SafeMarkup::isSafe($link), 'The output of link generation is marked safe as it is a link.');
     // Ensure the content of the link is escaped.
     $this->assertEscaped('<em>link with markup</em>');
     $this->assertRaw('<strong>Test!</strong>');
 }
開發者ID:ddrozdik,項目名稱:dmaps,代碼行數:42,代碼來源:LinkGenerationTest.php

示例8: createAttributeValue

 /**
  * Creates the different types of attribute values.
  *
  * @param string $name
  *   The attribute name.
  * @param mixed $value
  *   The attribute value.
  *
  * @return \Drupal\Core\Template\AttributeValueBase
  *   An AttributeValueBase representation of the attribute's value.
  */
 protected function createAttributeValue($name, $value)
 {
     // If the value is already an AttributeValueBase object,
     // return a new instance of the same class, but with the new name.
     if ($value instanceof AttributeValueBase) {
         $class = get_class($value);
         return new $class($name, $value->value());
     }
     // An array value or 'class' attribute name are forced to always be an
     // AttributeArray value for consistency.
     if ($name == 'class' && !is_array($value)) {
         // Cast the value to string in case it implements MarkupInterface.
         $value = [(string) $value];
     }
     if (is_array($value)) {
         // Cast the value to an array if the value was passed in as a string.
         // @todo Decide to fix all the broken instances of class as a string
         // in core or cast them.
         $value = new AttributeArray($name, $value);
     } elseif (is_bool($value)) {
         $value = new AttributeBoolean($name, $value);
     } elseif (SafeMarkup::isSafe($value)) {
         // Attributes are not supposed to display HTML markup, so we just convert
         // the value to plain text.
         $value = PlainTextOutput::renderFromHtml($value);
         $value = new AttributeString($name, $value);
     } elseif (!is_object($value)) {
         $value = new AttributeString($name, $value);
     }
     return $value;
 }
開發者ID:papillon-cendre,項目名稱:d8,代碼行數:42,代碼來源:Attribute.php

示例9: getCacheableRenderArray

 /**
  * {@inheritdoc}
  */
 public function getCacheableRenderArray(array $elements)
 {
     $data = ['#markup' => $elements['#markup'], '#attached' => $elements['#attached'], '#cache' => ['contexts' => $elements['#cache']['contexts'], 'tags' => $elements['#cache']['tags'], 'max-age' => $elements['#cache']['max-age']]];
     // Preserve cacheable items if specified. If we are preserving any cacheable
     // children of the element, we assume we are only interested in their
     // individual markup and not the parent's one, thus we empty it to minimize
     // the cache entry size.
     if (!empty($elements['#cache_properties']) && is_array($elements['#cache_properties'])) {
         $data['#cache_properties'] = $elements['#cache_properties'];
         // Ensure that any safe strings are a Markup object.
         foreach (Element::properties(array_flip($elements['#cache_properties'])) as $cache_property) {
             if (isset($elements[$cache_property]) && is_scalar($elements[$cache_property]) && SafeMarkup::isSafe($elements[$cache_property])) {
                 $elements[$cache_property] = Markup::create($elements[$cache_property]);
             }
         }
         // Extract all the cacheable items from the element using cache
         // properties.
         $cacheable_items = array_intersect_key($elements, array_flip($elements['#cache_properties']));
         $cacheable_children = Element::children($cacheable_items);
         if ($cacheable_children) {
             $data['#markup'] = '';
             // Cache only cacheable children's markup.
             foreach ($cacheable_children as $key) {
                 // We can assume that #markup is safe at this point.
                 $cacheable_items[$key] = ['#markup' => Markup::create($cacheable_items[$key]['#markup'])];
             }
         }
         $data += $cacheable_items;
     }
     $data['#markup'] = Markup::create($data['#markup']);
     return $data;
 }
開發者ID:papillon-cendre,項目名稱:d8,代碼行數:35,代碼來源:RenderCache.php

示例10: testFormat

  /**
   * Tests string formatting with SafeMarkup::format().
   *
   * @dataProvider providerFormat
   * @covers ::format
   *
   * @param string $string
   *   The string to run through SafeMarkup::format().
   * @param string[] $args
   *   The arguments to pass into SafeMarkup::format().
   * @param string $expected
   *   The expected result from calling the function.
   * @param string $message
   *   The message to display as output to the test.
   * @param bool $expected_is_safe
   *   Whether the result is expected to be safe for HTML display.
   */
  public function testFormat($string, array $args, $expected, $message, $expected_is_safe) {
    UrlHelper::setAllowedProtocols(['http', 'https', 'mailto']);

    $result = SafeMarkup::format($string, $args);
    $this->assertEquals($expected, $result, $message);
    $this->assertEquals($expected_is_safe, SafeMarkup::isSafe($result), 'SafeMarkup::format correctly sets the result as safe or not safe.');

    foreach ($args as $arg) {
      $this->assertSame($arg instanceof SafeMarkupTestMarkup, SafeMarkup::isSafe($arg));
    }
  }
開發者ID:komejo,項目名稱:article-test,代碼行數:28,代碼來源:SafeMarkupTest.php

示例11: preRenderConditionalComments

 /**
  * Pre-render callback: Renders #browsers into #prefix and #suffix.
  *
  * @param array $element
  *   A render array with a '#browsers' property. The '#browsers' property can
  *   contain any or all of the following keys:
  *   - 'IE': If FALSE, the element is not rendered by Internet Explorer. If
  *     TRUE, the element is rendered by Internet Explorer. Can also be a string
  *     containing an expression for Internet Explorer to evaluate as part of a
  *     conditional comment. For example, this can be set to 'lt IE 7' for the
  *     element to be rendered in Internet Explorer 6, but not in Internet
  *     Explorer 7 or higher. Defaults to TRUE.
  *   - '!IE': If FALSE, the element is not rendered by browsers other than
  *     Internet Explorer. If TRUE, the element is rendered by those browsers.
  *     Defaults to TRUE.
  *   Examples:
  *   - To render an element in all browsers, '#browsers' can be left out or set
  *     to array('IE' => TRUE, '!IE' => TRUE).
  *   - To render an element in Internet Explorer only, '#browsers' can be set
  *     to array('!IE' => FALSE).
  *   - To render an element in Internet Explorer 6 only, '#browsers' can be set
  *     to array('IE' => 'lt IE 7', '!IE' => FALSE).
  *   - To render an element in Internet Explorer 8 and higher and in all other
  *     browsers, '#browsers' can be set to array('IE' => 'gte IE 8').
  *
  * @return array
  *   The passed-in element with markup for conditional comments potentially
  *   added to '#prefix' and '#suffix'.
  */
 public static function preRenderConditionalComments($element)
 {
     $browsers = isset($element['#browsers']) ? $element['#browsers'] : array();
     $browsers += array('IE' => TRUE, '!IE' => TRUE);
     // If rendering in all browsers, no need for conditional comments.
     if ($browsers['IE'] === TRUE && $browsers['!IE']) {
         return $element;
     }
     // Determine the conditional comment expression for Internet Explorer to
     // evaluate.
     if ($browsers['IE'] === TRUE) {
         $expression = 'IE';
     } elseif ($browsers['IE'] === FALSE) {
         $expression = '!IE';
     } else {
         // The IE expression might contain some user input data.
         $expression = Xss::filterAdmin($browsers['IE']);
     }
     // If the #prefix and #suffix properties are used, wrap them with
     // conditional comment markup. The conditional comment expression is
     // evaluated by Internet Explorer only. To control the rendering by other
     // browsers, use either the "downlevel-hidden" or "downlevel-revealed"
     // technique. See http://en.wikipedia.org/wiki/Conditional_comment
     // for details.
     // Ensure what we are dealing with is safe.
     // This would be done later anyway in drupal_render().
     $prefix = isset($element['#prefix']) ? $element['#prefix'] : '';
     if ($prefix && !SafeMarkup::isSafe($prefix)) {
         $prefix = Xss::filterAdmin($prefix);
     }
     $suffix = isset($element['#suffix']) ? $element['#suffix'] : '';
     if ($suffix && !SafeMarkup::isSafe($suffix)) {
         $suffix = Xss::filterAdmin($suffix);
     }
     // We ensured above that $expression is either a string we created or is
     // admin XSS filtered, and that $prefix and $suffix are also admin XSS
     // filtered if they are unsafe. Thus, all these strings are safe.
     if (!$browsers['!IE']) {
         // "downlevel-hidden".
         $element['#prefix'] = Markup::create("\n<!--[if {$expression}]>\n" . $prefix);
         $element['#suffix'] = Markup::create($suffix . "<![endif]-->\n");
     } else {
         // "downlevel-revealed".
         $element['#prefix'] = Markup::create("\n<!--[if {$expression}]><!-->\n" . $prefix);
         $element['#suffix'] = Markup::create($suffix . "<!--<![endif]-->\n");
     }
     return $element;
 }
開發者ID:systemick3,項目名稱:systemick.co.uk,代碼行數:77,代碼來源:HtmlTag.php

示例12: xssFilterAdminIfUnsafe

 /**
  * Applies a very permissive XSS/HTML filter for admin-only use.
  *
  * Note: This method only filters if $string is not marked safe already. This
  * ensures that HTML intended for display is not filtered.
  *
  * @param string|\Drupal\Core\Render\SafeString $string
  *   A string.
  *
  * @return \Drupal\Core\Render\SafeString
  *   The escaped string wrapped in a SafeString object. If
  *   SafeMarkup::isSafe($string) returns TRUE, it won't be escaped again.
  */
 protected function xssFilterAdminIfUnsafe($string)
 {
     if (!SafeMarkup::isSafe($string)) {
         $string = Xss::filterAdmin($string);
     }
     return SafeString::create($string);
 }
開發者ID:nsp15,項目名稱:Drupal8,代碼行數:20,代碼來源:Renderer.php

示例13: ensureMarkupIsSafe

 /**
  * Escapes #plain_text or filters #markup as required.
  *
  * Drupal uses Twig's auto-escape feature to improve security. This feature
  * automatically escapes any HTML that is not known to be safe. Due to this
  * the render system needs to ensure that all markup it generates is marked
  * safe so that Twig does not do any additional escaping.
  *
  * By default all #markup is filtered to protect against XSS using the admin
  * tag list. Render arrays can alter the list of tags allowed by the filter
  * using the #allowed_tags property. This value should be an array of tags
  * that Xss::filter() would accept. Render arrays can escape text instead
  * of XSS filtering by setting the #plain_text property instead of #markup. If
  * #plain_text is used #allowed_tags is ignored.
  *
  * @param array $elements
  *   A render array with #markup set.
  *
  * @return \Drupal\Component\Render\MarkupInterface|string
  *   The escaped markup wrapped in a Markup object. If
  *   SafeMarkup::isSafe($elements['#markup']) returns TRUE, it won't be
  *   escaped or filtered again.
  *
  * @see \Drupal\Component\Utility\Html::escape()
  * @see \Drupal\Component\Utility\Xss::filter()
  * @see \Drupal\Component\Utility\Xss::adminFilter()
  */
 protected function ensureMarkupIsSafe(array $elements)
 {
     if (empty($elements['#markup']) && empty($elements['#plain_text'])) {
         return $elements;
     }
     if (!empty($elements['#plain_text'])) {
         $elements['#markup'] = Markup::create(Html::escape($elements['#plain_text']));
     } elseif (!SafeMarkup::isSafe($elements['#markup'])) {
         // The default behaviour is to XSS filter using the admin tag list.
         $tags = isset($elements['#allowed_tags']) ? $elements['#allowed_tags'] : Xss::getAdminTagList();
         $elements['#markup'] = Markup::create(Xss::filter($elements['#markup'], $tags));
     }
     return $elements;
 }
開發者ID:ddrozdik,項目名稱:dmaps,代碼行數:41,代碼來源:Renderer.php

示例14: replace

 /**
  * Replaces all tokens in a given string with appropriate values.
  *
  * @param string $text
  *   An HTML string containing replaceable tokens. The caller is responsible
  *   for calling \Drupal\Component\Utility\Html::escape() in case the $text
  *   was plain text.
  * @param array $data
  *   (optional) An array of keyed objects. For simple replacement scenarios
  *   'node', 'user', and others are common keys, with an accompanying node or
  *   user object being the value. Some token types, like 'site', do not require
  *   any explicit information from $data and can be replaced even if it is
  *   empty.
  * @param array $options
  *   (optional) A keyed array of settings and flags to control the token
  *   replacement process. Supported options are:
  *   - langcode: A language code to be used when generating locale-sensitive
  *     tokens.
  *   - callback: A callback function that will be used to post-process the
  *     array of token replacements after they are generated.
  *   - clear: A boolean flag indicating that tokens should be removed from the
  *     final text if no replacement value can be generated.
  * @param \Drupal\Core\Render\BubbleableMetadata $bubbleable_metadata|null
  *   (optional) An object to which static::generate() and the hooks and
  *   functions that it invokes will add their required bubbleable metadata.
  *
  *   To ensure that the metadata associated with the token replacements gets
  *   attached to the same render array that contains the token-replaced text,
  *   callers of this method are encouraged to pass in a BubbleableMetadata
  *   object and apply it to the corresponding render array. For example:
  *   @code
  *     $bubbleable_metadata = new BubbleableMetadata();
  *     $build['#markup'] = $token_service->replace('Tokens: [node:nid] [current-user:uid]', ['node' => $node], [], $bubbleable_metadata);
  *     $bubbleable_metadata->applyTo($build);
  *   @endcode
  *
  *   When the caller does not pass in a BubbleableMetadata object, this
  *   method creates a local one, and applies the collected metadata to the
  *   Renderer's currently active render context.
  *
  * @return string
  *   The token result is the entered HTML text with tokens replaced. The
  *   caller is responsible for choosing the right escaping / sanitization. If
  *   the result is intended to be used as plain text, using
  *   PlainTextOutput::renderFromHtml() is recommended. If the result is just
  *   printed as part of a template relying on Twig autoescaping is possible,
  *   otherwise for example the result can be put into #markup, in which case
  *   it would be sanitized by Xss::filterAdmin().
  */
 public function replace($text, array $data = array(), array $options = array(), BubbleableMetadata $bubbleable_metadata = NULL)
 {
     $text_tokens = $this->scan($text);
     if (empty($text_tokens)) {
         return $text;
     }
     $bubbleable_metadata_is_passed_in = (bool) $bubbleable_metadata;
     $bubbleable_metadata = $bubbleable_metadata ?: new BubbleableMetadata();
     $replacements = array();
     foreach ($text_tokens as $type => $tokens) {
         $replacements += $this->generate($type, $tokens, $data, $options, $bubbleable_metadata);
         if (!empty($options['clear'])) {
             $replacements += array_fill_keys($tokens, '');
         }
     }
     // Escape the tokens, unless they are explicitly markup.
     foreach ($replacements as $token => $value) {
         $replacements[$token] = SafeMarkup::isSafe($value) ? $value : Html::escape($value);
     }
     // Optionally alter the list of replacement values.
     if (!empty($options['callback'])) {
         $function = $options['callback'];
         $function($replacements, $data, $options, $bubbleable_metadata);
     }
     $tokens = array_keys($replacements);
     $values = array_values($replacements);
     // If a local $bubbleable_metadata object was created, apply the metadata
     // it collected to the renderer's currently active render context.
     if (!$bubbleable_metadata_is_passed_in && $this->renderer->hasRenderContext()) {
         $build = [];
         $bubbleable_metadata->applyTo($build);
         $this->renderer->render($build);
     }
     return str_replace($tokens, $values, $text);
 }
開發者ID:komejo,項目名稱:article-test,代碼行數:84,代碼來源:Token.php

示例15: runTasks

 /**
  * Run database tasks and tests to see if Drupal can run on the database.
  */
 public function runTasks()
 {
     // We need to establish a connection before we can run tests.
     if ($this->connect()) {
         foreach ($this->tasks as $task) {
             if (!isset($task['function'])) {
                 $task['function'] = 'runTestQuery';
             }
             if (method_exists($this, $task['function'])) {
                 // Returning false is fatal. No other tasks can run.
                 if (FALSE === call_user_func_array(array($this, $task['function']), $task['arguments'])) {
                     break;
                 }
             } else {
                 throw new TaskException(t("Failed to run all tasks against the database server. The task %task wasn't found.", array('%task' => $task['function'])));
             }
         }
     }
     // Check for failed results and compile message
     $message = '';
     foreach ($this->results as $result => $success) {
         if (!$success) {
             $message = SafeMarkup::isSafe($result) ? $result : SafeMarkup::checkPlain($result);
         }
     }
     if (!empty($message)) {
         $message = SafeMarkup::set('Resolve all issues below to continue the installation. For help configuring your database server, see the <a href="https://www.drupal.org/getting-started/install">installation handbook</a>, or contact your hosting provider.' . $message);
         throw new TaskException($message);
     }
 }
開發者ID:nstielau,項目名稱:drops-8,代碼行數:33,代碼來源:Tasks.php


注:本文中的Drupal\Component\Utility\SafeMarkup::isSafe方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。