diff --git a/core/modules/file/file.module b/core/modules/file/file.module
index 9438f4a..9d651e3 100644
--- a/core/modules/file/file.module
+++ b/core/modules/file/file.module
@@ -1243,7 +1243,7 @@ function template_preprocess_file_link(&$variables) {
   $variables['attributes'] = new Attribute($variables['attributes']);
   $variables['attributes']->addClass($classes);
 
-  $variables['link'] = _l($link_text, $url, $options);
+  $variables['link'] = \Drupal::linkGenerator()->generate($link_text, Url::fromUri($url, $options));
 }
 
 /**
diff --git a/core/modules/system/src/Tests/Common/UrlTest.php b/core/modules/system/src/Tests/Common/UrlTest.php
index 92342d2..e924464 100644
--- a/core/modules/system/src/Tests/Common/UrlTest.php
+++ b/core/modules/system/src/Tests/Common/UrlTest.php
@@ -32,12 +32,7 @@ class UrlTest extends WebTestBase {
    * Confirms that invalid URLs are filtered in link generating functions.
    */
   function testLinkXSS() {
-    // Test _l().
-    $text = $this->randomMachineName();
     $path = "<SCRIPT>alert('XSS')</SCRIPT>";
-    $link = _l($text, $path);
-    $sanitized_path = check_url(_url($path));
-    $this->assertTrue(strpos($link, $sanitized_path) !== FALSE, format_string('XSS attack @path was filtered by _l().', array('@path' => $path)));
 
     // Test _url().
     $link = _url($path);