當前位置: 首頁>>代碼示例>>PHP>>正文


PHP Xss::getAdminTagList方法代碼示例

本文整理匯總了PHP中Drupal\Component\Utility\Xss::getAdminTagList方法的典型用法代碼示例。如果您正苦於以下問題:PHP Xss::getAdminTagList方法的具體用法?PHP Xss::getAdminTagList怎麽用?PHP Xss::getAdminTagList使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在Drupal\Component\Utility\Xss的用法示例。


在下文中一共展示了Xss::getAdminTagList方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: build

 /**
  * {@inheritdoc}
  */
 public function build()
 {
     $this->view->display_handler->preBlockBuild($this);
     if ($output = $this->view->buildRenderable($this->displayID, [], FALSE)) {
         // Override the label to the dynamic title configured in the view.
         if (empty($this->configuration['views_label']) && $this->view->getTitle()) {
             // @todo https://www.drupal.org/node/2527360 remove call to SafeMarkup.
             $output['#title'] = SafeMarkup::xssFilter($this->view->getTitle(), Xss::getAdminTagList());
         }
         // Before returning the block output, convert it to a renderable array
         // with contextual links.
         $this->addContextualLinks($output);
         return $output;
     }
     return array();
 }
開發者ID:nsp15,項目名稱:Drupal8,代碼行數:19,代碼來源:ViewsBlock.php

示例2: ensureMarkupIsSafe

 /**
  * Escapes #plain_text or filters #markup as required.
  *
  * Drupal uses Twig's auto-escape feature to improve security. This feature
  * automatically escapes any HTML that is not known to be safe. Due to this
  * the render system needs to ensure that all markup it generates is marked
  * safe so that Twig does not do any additional escaping.
  *
  * By default all #markup is filtered to protect against XSS using the admin
  * tag list. Render arrays can alter the list of tags allowed by the filter
  * using the #allowed_tags property. This value should be an array of tags
  * that Xss::filter() would accept. Render arrays can escape text instead
  * of XSS filtering by setting the #plain_text property instead of #markup. If
  * #plain_text is used #allowed_tags is ignored.
  *
  * @param array $elements
  *   A render array with #markup set.
  *
  * @return \Drupal\Component\Render\MarkupInterface|string
  *   The escaped markup wrapped in a Markup object. If
  *   SafeMarkup::isSafe($elements['#markup']) returns TRUE, it won't be
  *   escaped or filtered again.
  *
  * @see \Drupal\Component\Utility\Html::escape()
  * @see \Drupal\Component\Utility\Xss::filter()
  * @see \Drupal\Component\Utility\Xss::adminFilter()
  */
 protected function ensureMarkupIsSafe(array $elements)
 {
     if (empty($elements['#markup']) && empty($elements['#plain_text'])) {
         return $elements;
     }
     if (!empty($elements['#plain_text'])) {
         $elements['#markup'] = Markup::create(Html::escape($elements['#plain_text']));
     } elseif (!SafeMarkup::isSafe($elements['#markup'])) {
         // The default behaviour is to XSS filter using the admin tag list.
         $tags = isset($elements['#allowed_tags']) ? $elements['#allowed_tags'] : Xss::getAdminTagList();
         $elements['#markup'] = Markup::create(Xss::filter($elements['#markup'], $tags));
     }
     return $elements;
 }
開發者ID:ddrozdik,項目名稱:dmaps,代碼行數:41,代碼來源:Renderer.php

示例3: execute

 /**
  * Overrides \Drupal\views\Plugin\views\display\PathPluginBase::execute().
  */
 public function execute()
 {
     parent::execute();
     // And now render the view.
     $render = $this->view->render();
     // First execute the view so it's possible to get tokens for the title.
     // And the title, which is much easier.
     // @todo Figure out how to support custom response objects. Maybe for pages
     //   it should be dropped.
     if (is_array($render)) {
         $render += array('#title' => SafeMarkup::xssFilter($this->view->getTitle(), Xss::getAdminTagList()));
     }
     return $render;
 }
開發者ID:nsp15,項目名稱:Drupal8,代碼行數:17,代碼來源:Page.php


注:本文中的Drupal\Component\Utility\Xss::getAdminTagList方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。