public static function UrlHelper::filterBadProtocol

public static UrlHelper::filterBadProtocol($string)

Processes an HTML attribute value and strips dangerous protocols from URLs.

Parameters

string $string: The string with the attribute value.

Return value

string Cleaned up and HTML-escaped version of $string.

File

core/lib/Drupal/Component/Utility/UrlHelper.php, line 274

Class

UrlHelper: Helper class URL based methods.

Namespace

Drupal\Component\Utility

Code

public static function filterBadProtocol($string) {
  // Get the plain text representation of the attribute value (i.e. its
  // meaning).
  $string = Html::decodeEntities($string);
  return Html::escape(static::stripDangerousProtocols($string));
}

© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Component!Utility!UrlHelper.php/function/UrlHelper::filterBadProtocol/8.1.x