Login Register

Sanitization functions

Functions to sanitize values.

See https://www.drupal.org/writing-secure-code for information on writing secure code.

File

core/includes/common.inc, line 188: Common functions that many Drupal modules will need to reference.

Functions

Name	Location	Description
check_markup	core/modules/filter/filter.module	Runs all the enabled filters on a piece of text.
check_url Deprecated	core/includes/common.inc	Strips dangerous protocols from a URI and encodes it for output to HTML.
FormattableMarkup::placeholderFormat	core/lib/Drupal/Component/Render/FormattableMarkup.php	Replaces placeholders in a string with values.
format_string Deprecated	core/includes/bootstrap.inc	Formats a string for HTML display by replacing variable placeholders.
Html::escape	core/lib/Drupal/Component/Utility/Html.php	Escapes text by converting special characters to HTML entities.
ProcessedText::preRenderText	core/modules/filter/src/Element/ProcessedText.php	Pre-render callback: Renders a processed text element into #markup.
StringTranslationTrait::t	core/lib/Drupal/Core/StringTranslation/StringTranslationTrait.php	Translates a string to the current language or to a given language.
t	core/includes/bootstrap.inc	Translates a string to the current language or to a given language.
TranslatableMarkup::__construct	core/lib/Drupal/Core/StringTranslation/TranslatableMarkup.php	Constructs a new class instance.
TranslationInterface::translate	core/lib/Drupal/Core/StringTranslation/TranslationInterface.php	Translates a string to the current language or to a given language.
Xss::filter	core/lib/Drupal/Component/Utility/Xss.php	Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities.
Xss::filterAdmin	core/lib/Drupal/Component/Utility/Xss.php	Applies a very permissive XSS/HTML filter for admin-only use.

Classes

Name	Location	Description
FormattableMarkup	core/lib/Drupal/Component/Render/FormattableMarkup.php	Formats a string for HTML display by replacing variable placeholders.
HtmlEscapedText	core/lib/Drupal/Component/Render/HtmlEscapedText.php	Escapes HTML syntax characters to HTML entities for display in markup.

Links:

https://api.drupal.org/api/drupal/core%21includes%21common.inc/group/sanitization/8.2.x

doc_Drupal

2016-10-29 09:39:33

Comments

Leave a Comment

Please login to continue.

Popular Articles

sanitize sanitize(text, options = {}) Instance Public methods

sanitize sanitize(spec) Instance Public methods Sanitize the descriptive fields in the spec. Sometimes non-ASCII characters will garble the site

sanitize sanitize(text, options = {}) Instance Public methods

Sanitizer Stable Class Class Overview class Sanitizer { sanitize(context: SecurityContext, value: string) : string } Class Description Sanitizer is used

sanitize sanitize(html, options = {}) Instance Public methods This sanitize helper will html encode all tags and strip all attributes that aren't