Xss::filterAdmin

public static Xss::filterAdmin($string)

Applies a very permissive XSS/HTML filter for admin-only use.

Use only for fields where it is impractical to use the whole filter system, but where some (mainly inline) mark-up is desired (so \Drupal\Component\Utility\Html::escape() is not acceptable).

Allows all tags that can be used inside an HTML body, save for scripts and styles.

Parameters

string $string: The string to apply the filter to.

Return value

string The filtered string.

See also

\Drupal\Component\Utility\Xss::getAdminTagList()

Related topics

Sanitization functions
Functions to sanitize values.

File

core/lib/Drupal/Component/Utility/Xss.php, line 120

Class

Xss
Provides helper to filter for cross-site scripting.

Namespace

Drupal\Component\Utility

Code

public static function filterAdmin($string) {
  return static::filter($string, static::$adminTags);
}
doc_Drupal
2016-10-29 09:56:52
Comments
Leave a Comment

Please login to continue.