diff --git a/core/includes/common.inc b/core/includes/common.inc index 46a9356..46f0383 100644 --- a/core/includes/common.inc +++ b/core/includes/common.inc @@ -29,6 +29,7 @@ use Drupal\Core\EventSubscriber\HtmlViewSubscriber; use Drupal\Core\Routing\GeneratorNotInitializedException; use Drupal\Core\Template\Attribute; +use Drupal\Core\Template\Markup; use Drupal\Core\Render\Element; use Drupal\Core\Session\AnonymousUserSession; @@ -3778,7 +3779,7 @@ function drupal_render(&$elements, $is_recursive_call = FALSE) { } $elements['#printed'] = TRUE; - return $elements['#markup']; + return new Markup($elements['#markup']); } /** diff --git a/core/includes/form.inc b/core/includes/form.inc index 1c6af1b..bb5386f 100644 --- a/core/includes/form.inc +++ b/core/includes/form.inc @@ -14,6 +14,7 @@ use Drupal\Core\Language\Language; use Drupal\Core\Render\Element; use Drupal\Core\Template\Attribute; +use Drupal\Core\Template\Markup; use Drupal\Core\Utility\Color; use Symfony\Component\HttpFoundation\RedirectResponse; @@ -1031,7 +1032,7 @@ function template_preprocess_fieldset(&$variables) { $variables['prefix'] = isset($element['#field_prefix']) ? $element['#field_prefix'] : NULL; $variables['suffix'] = isset($element['#field_suffix']) ? $element['#field_suffix'] : NULL; - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); // Build legend properties. $variables['legend'] = array(); @@ -2689,7 +2690,7 @@ function template_preprocess_form(&$variables) { $element['#attributes']['accept-charset'] = "UTF-8"; } $variables['attributes'] = $element['#attributes']; - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); } /** @@ -2905,7 +2906,7 @@ function template_preprocess_form_element(&$variables) { $variables['label'] = array('#theme' => 'form_element_label'); $variables['label'] += array_intersect_key($element, array_flip(array('#id', '#required', '#title', '#title_display'))); - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); } /** diff --git a/core/includes/theme.inc b/core/includes/theme.inc index d45c2e5..7556a2f 100644 --- a/core/includes/theme.inc +++ b/core/includes/theme.inc @@ -17,6 +17,7 @@ use Drupal\Core\Extension\Extension; use Drupal\Core\Extension\ExtensionNameLengthException; use Drupal\Core\Template\Attribute; +use Drupal\Core\Template\Markup; use Drupal\Core\Template\RenderWrapper; use Drupal\Core\Theme\ThemeSettings; use Drupal\Component\Utility\NestedArray; @@ -631,7 +632,8 @@ function _theme($hook, $variables = array()) { // restore path_to_theme() $theme_path = $temp; - return (string) $output; + + return new Markup($output); } /** @@ -1708,7 +1710,7 @@ function template_preprocess_item_list(&$variables) { // Set the item's value and attributes for the template. $item = array( - 'value' => $item, + 'value' => new Markup($item), 'attributes' => new Attribute($attributes), ); } @@ -1791,7 +1793,7 @@ function template_preprocess_container(&$variables) { $element['#attributes']['class'][] = 'form-wrapper'; } - $variables['children'] = $element['#children']; + $variables['children'] = new Markup($element['#children']); $variables['attributes'] = $element['#attributes']; } @@ -2078,7 +2080,7 @@ function template_preprocess_page(&$variables) { // Move some variables to the top level for themer convenience and template cleanliness. $variables['show_messages'] = $variables['page']['#show_messages']; - $variables['title'] = $variables['page']['#title']; + $variables['title'] = new Markup($variables['page']['#title']); foreach (system_region_list($GLOBALS['theme']) as $region_key => $region_name) { if (!isset($variables['page'][$region_key])) { @@ -2108,7 +2110,7 @@ function template_preprocess_page(&$variables) { $variables['secondary_menu'] = theme_get_setting('features.secondary_menu') ? menu_secondary_menu() : array(); $variables['action_links'] = menu_get_local_actions(); $variables['tabs'] = menu_local_tabs(); - $variables['feed_icons'] = drupal_get_feeds(); + $variables['feed_icons'] = new Markup(drupal_get_feeds()); } else { $variables['main_menu'] = array(); @@ -2316,7 +2318,7 @@ function template_preprocess_install_page(&$variables) { */ function template_preprocess_region(&$variables) { // Create the $content variable that templates expect. - $variables['content'] = $variables['elements']['#children']; + $variables['content'] = new Markup($variables['elements']['#children']); $variables['region'] = $variables['elements']['#region']; $variables['attributes']['class'][] = 'region'; diff --git a/core/lib/Drupal/Core/CoreServiceProvider.php b/core/lib/Drupal/Core/CoreServiceProvider.php index 1cd43a3..b04f22a 100644 --- a/core/lib/Drupal/Core/CoreServiceProvider.php +++ b/core/lib/Drupal/Core/CoreServiceProvider.php @@ -118,7 +118,7 @@ public static function registerTwig(ContainerBuilder $container) { 'cache' => drupal_installation_attempted() ? FALSE : Settings::get('twig_cache', TRUE), // @todo Remove in followup issue // @see http://drupal.org/node/1712444. - 'autoescape' => FALSE, + 'autoescape' => TRUE, 'debug' => Settings::get('twig_debug', FALSE), 'auto_reload' => Settings::get('twig_auto_reload', NULL), )) diff --git a/core/lib/Drupal/Core/Template/Attribute.php b/core/lib/Drupal/Core/Template/Attribute.php index ead5d05..93e4340 100644 --- a/core/lib/Drupal/Core/Template/Attribute.php +++ b/core/lib/Drupal/Core/Template/Attribute.php @@ -31,7 +31,7 @@ * // Produces * @endcode */ -class Attribute implements \ArrayAccess, \IteratorAggregate { +class Attribute extends \Twig_Markup implements \ArrayAccess, \IteratorAggregate { /** * Stores the attribute data. diff --git a/core/lib/Drupal/Core/Template/Markup.php b/core/lib/Drupal/Core/Template/Markup.php new file mode 100644 index 0000000..fb53545 --- /dev/null +++ b/core/lib/Drupal/Core/Template/Markup.php @@ -0,0 +1,51 @@ +content = $content; + $this->charset = $charset; + } + + /** + * Implements the magic __toString() method. + */ + public function __toString() { + return (string) $this->render(); + } + + /** + * Renders the markup. + * + * @return string + * The results of the callback function. + */ + public function render() { + return $this->content; + } + +} diff --git a/core/lib/Drupal/Core/Template/RenderWrapper.php b/core/lib/Drupal/Core/Template/RenderWrapper.php index 7d7770d..58888e6 100644 --- a/core/lib/Drupal/Core/Template/RenderWrapper.php +++ b/core/lib/Drupal/Core/Template/RenderWrapper.php @@ -16,7 +16,7 @@ * $variables['scripts'] = new RenderWrapper('drupal_get_js', array('footer')); * @endcode */ -class RenderWrapper { +class RenderWrapper extends \Twig_Markup { /** * Stores the callback function to be called when rendered. @@ -52,7 +52,7 @@ public function __construct($callback, array $args = array()) { * Implements the magic __toString() method. */ public function __toString() { - return $this->render(); + return (string) $this->render(); } /** diff --git a/core/modules/color/templates/color-scheme-form.html.twig b/core/modules/color/templates/color-scheme-form.html.twig index 6cfacbd..4d39743 100644 --- a/core/modules/color/templates/color-scheme-form.html.twig +++ b/core/modules/color/templates/color-scheme-form.html.twig @@ -22,5 +22,5 @@ {{ form }}

{{ 'Preview'|t }}

- {{ html_preview }} + {{ html_preview|raw }} diff --git a/core/modules/comment/templates/comment.html.twig b/core/modules/comment/templates/comment.html.twig index 5fca73b..7e24a38 100644 --- a/core/modules/comment/templates/comment.html.twig +++ b/core/modules/comment/templates/comment.html.twig @@ -80,7 +80,7 @@