diff --git a/core/includes/common.inc b/core/includes/common.inc index 5da1707..d633839 100644 --- a/core/includes/common.inc +++ b/core/includes/common.inc @@ -20,6 +20,7 @@ use Drupal\Core\Datetime\DrupalDateTime; use Drupal\Core\Routing\GeneratorNotInitializedException; use Drupal\Core\Template\Attribute; +use Drupal\Core\Template\Markup; use Drupal\Core\Render\Element; /** @@ -4015,7 +4016,7 @@ function drupal_render(&$elements, $is_recursive_call = FALSE) { } $elements['#printed'] = TRUE; - return $elements['#markup']; + return new Markup($elements['#markup']); } /** diff --git a/core/includes/form.inc b/core/includes/form.inc index f4a7718..6894dc5 100644 --- a/core/includes/form.inc +++ b/core/includes/form.inc @@ -13,6 +13,7 @@ use Drupal\Core\Database\Database; use Drupal\Core\Language\Language; use Drupal\Core\Template\Attribute; +use Drupal\Core\Template\Markup; use Drupal\Core\Utility\Color; use Symfony\Component\HttpFoundation\RedirectResponse; @@ -1030,7 +1031,7 @@ function template_preprocess_fieldset(&$variables) { $variables['prefix'] = isset($element['#field_prefix']) ? $element['#field_prefix'] : NULL; $variables['suffix'] = isset($element['#field_suffix']) ? $element['#field_suffix'] : NULL; - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); // Build legend properties. $variables['legend'] = array(); @@ -2691,7 +2692,7 @@ function template_preprocess_form(&$variables) { $element['#attributes']['accept-charset'] = "UTF-8"; } $variables['attributes'] = $element['#attributes']; - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); } /** @@ -2909,7 +2910,7 @@ function template_preprocess_form_element(&$variables) { $variables['label'] = array('#theme' => 'form_element_label'); $variables['label'] += array_intersect_key($element, array_flip(array('#id', '#required', '#title', '#title_display'))); - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); } /** diff --git a/core/includes/theme.inc b/core/includes/theme.inc index f699d4b..1e2880c 100644 --- a/core/includes/theme.inc +++ b/core/includes/theme.inc @@ -15,6 +15,7 @@ use Drupal\Core\Extension\Extension; use Drupal\Core\Extension\ExtensionNameLengthException; use Drupal\Core\Template\Attribute; +use Drupal\Core\Template\Markup; use Drupal\Core\Template\RenderWrapper; use Drupal\Core\Theme\ThemeSettings; use Drupal\Component\Utility\NestedArray; @@ -1701,7 +1702,7 @@ function template_preprocess_item_list(&$variables) { // Set the item's value and attributes for the template. $item = array( - 'value' => $item, + 'value' => new Markup($item), 'attributes' => new Attribute($attributes), ); } @@ -1784,7 +1785,7 @@ function template_preprocess_container(&$variables) { $element['#attributes']['class'][] = 'form-wrapper'; } - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); $variables['attributes'] = $element['#attributes']; } @@ -2374,7 +2375,7 @@ function template_preprocess_install_page(&$variables) { */ function template_preprocess_region(&$variables) { // Create the $content variable that templates expect. - $variables['content'] = $variables['elements']['#children']; + $variables['content'] = new Markup($variables['elements']['#children']); $variables['region'] = $variables['elements']['#region']; $variables['attributes']['class'][] = 'region'; diff --git a/core/lib/Drupal/Core/CoreServiceProvider.php b/core/lib/Drupal/Core/CoreServiceProvider.php index d835f6e..4a7e70a 100644 --- a/core/lib/Drupal/Core/CoreServiceProvider.php +++ b/core/lib/Drupal/Core/CoreServiceProvider.php @@ -112,7 +112,7 @@ public static function registerTwig(ContainerBuilder $container) { 'cache' => drupal_installation_attempted() ? FALSE : settings()->get('twig_cache', TRUE), // @todo Remove in followup issue // @see http://drupal.org/node/1712444. - 'autoescape' => FALSE, + 'autoescape' => TRUE, 'debug' => settings()->get('twig_debug', FALSE), 'auto_reload' => settings()->get('twig_auto_reload', NULL), )) diff --git a/core/lib/Drupal/Core/Template/Markup.php b/core/lib/Drupal/Core/Template/Markup.php new file mode 100644 index 0000000..fb53545 --- /dev/null +++ b/core/lib/Drupal/Core/Template/Markup.php @@ -0,0 +1,51 @@ +content = $content; + $this->charset = $charset; + } + + /** + * Implements the magic __toString() method. + */ + public function __toString() { + return (string) $this->render(); + } + + /** + * Renders the markup. + * + * @return string + * The results of the callback function. + */ + public function render() { + return $this->content; + } + +} diff --git a/core/lib/Drupal/Core/Template/RenderWrapper.php b/core/lib/Drupal/Core/Template/RenderWrapper.php index 7d7770d..1de1798 100644 --- a/core/lib/Drupal/Core/Template/RenderWrapper.php +++ b/core/lib/Drupal/Core/Template/RenderWrapper.php @@ -52,7 +52,7 @@ public function __construct($callback, array $args = array()) { * Implements the magic __toString() method. */ public function __toString() { - return $this->render(); + return (string) $this->render(); } /** diff --git a/core/themes/engines/twig/twig.engine b/core/themes/engines/twig/twig.engine index aab2c16..f00ed71 100644 --- a/core/themes/engines/twig/twig.engine +++ b/core/themes/engines/twig/twig.engine @@ -6,6 +6,7 @@ */ use Drupal\Core\Extension\Extension; +use Drupal\Core\Template\Markup; /** * Implements hook_theme(). @@ -137,7 +138,7 @@ function twig_render_var($arg) { if (is_object($arg)) { if (method_exists($arg, '__toString')) { - return (string) $arg; + return new Markup($arg); } throw new Exception(t('Object of type "@class" cannot be printed.', array('@class' => get_class($arg)))); }