Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
| Total | |
100.00% |
1 / 1 |
|
100.00% |
0 / 0 |
CRAP | |
100.00% |
0 / 0 |
| SafeMarkup | |
100.00% |
1 / 1 |
|
100.00% |
3 / 3 |
3 | |
100.00% |
0 / 0 |
| isSafe | |
100.00% |
1 / 1 |
1 | |
100.00% |
0 / 0 |
|||
| checkPlain | |
100.00% |
1 / 1 |
1 | |
100.00% |
0 / 0 |
|||
| format | |
100.00% |
1 / 1 |
1 | |
100.00% |
0 / 0 |
|||
| <?php | |
| /** | |
| * @file | |
| * Contains \Drupal\Component\Utility\SafeMarkup. | |
| */ | |
| namespace Drupal\Component\Utility; | |
| use Drupal\Component\Render\HtmlEscapedText; | |
| use Drupal\Component\Render\FormattableMarkup; | |
| use Drupal\Component\Render\MarkupInterface; | |
| /** | |
| * Contains deprecated functionality related to sanitization of markup. | |
| * | |
| * @deprecated Will be removed before Drupal 9.0.0. Use the appropriate | |
| * @link sanitization sanitization functions @endlink or the @link theme_render theme and render systems @endlink | |
| * so that the output can can be themed, escaped, and altered properly. | |
| * | |
| * @see TwigExtension::escapeFilter() | |
| * @see twig_render_template() | |
| * @see sanitization | |
| * @see theme_render | |
| */ | |
| class SafeMarkup { | |
| /** | |
| * Checks if a string is safe to output. | |
| * | |
| * @param string|\Drupal\Component\Render\MarkupInterface $string | |
| * The content to be checked. | |
| * @param string $strategy | |
| * (optional) This value is ignored. | |
| * | |
| * @return bool | |
| * TRUE if the string has been marked secure, FALSE otherwise. | |
| * | |
| * @deprecated in Drupal 8.0.x-dev, will be removed before Drupal 9.0.0. | |
| * Instead, you should just check if a variable is an instance of | |
| * \Drupal\Component\Render\MarkupInterface. | |
| */ | |
| public static function isSafe($string, $strategy = 'html') { | |
| return $string instanceof MarkupInterface; | |
| } | |
| /** | |
| * Encodes special characters in a plain-text string for display as HTML. | |
| * | |
| * Also validates strings as UTF-8. All processed strings are also | |
| * automatically flagged as safe markup strings for rendering. | |
| * | |
| * @param string $text | |
| * The text to be checked or processed. | |
| * | |
| * @return \Drupal\Component\Render\HtmlEscapedText | |
| * An HtmlEscapedText object that escapes when rendered to string. | |
| * | |
| * @deprecated Will be removed before Drupal 9.0.0. Rely on Twig's | |
| * auto-escaping feature, or use the @link theme_render #plain_text @endlink | |
| * key when constructing a render array that contains plain text in order to | |
| * use the renderer's auto-escaping feature. If neither of these are | |
| * possible, \Drupal\Component\Utility\Html::escape() can be used in places | |
| * where explicit escaping is needed. | |
| * | |
| * @see drupal_validate_utf8() | |
| */ | |
| public static function checkPlain($text) { | |
| return new HtmlEscapedText($text); | |
| } | |
| /** | |
| * Formats a string for HTML display by replacing variable placeholders. | |
| * | |
| * @param string $string | |
| * A string containing placeholders. The string itself will not be escaped, | |
| * any unsafe content must be in $args and inserted via placeholders. | |
| * @param array $args | |
| * An array with placeholder replacements, keyed by placeholder. See | |
| * \Drupal\Component\Render\FormattableMarkup::placeholderFormat() for | |
| * additional information about placeholders. | |
| * | |
| * @return string|\Drupal\Component\Render\MarkupInterface | |
| * The formatted string, which is an instance of MarkupInterface unless | |
| * sanitization of an unsafe argument was suppressed (see above). | |
| * | |
| * @see \Drupal\Component\Render\FormattableMarkup::placeholderFormat() | |
| * @see \Drupal\Component\Render\FormattableMarkup | |
| * | |
| * @deprecated in Drupal 8.0.0, will be removed before Drupal 9.0.0. | |
| * Use \Drupal\Component\Render\FormattableMarkup. | |
| */ | |
| public static function format($string, array $args) { | |
| return new FormattableMarkup($string, $args); | |
| } | |
| } |