diff -u b/core/modules/dblog/src/Controller/DbLogController.php b/core/modules/dblog/src/Controller/DbLogController.php --- b/core/modules/dblog/src/Controller/DbLogController.php +++ b/core/modules/dblog/src/Controller/DbLogController.php @@ -8,9 +8,8 @@ namespace Drupal\dblog\Controller; use Drupal\Component\Utility\Html; -use Drupal\Component\Utility\SafeMarkup; -use Drupal\Component\Utility\String; use Drupal\Component\Utility\Unicode; +use Drupal\Component\Utility\String; use Drupal\Component\Utility\Xss; use Drupal\Core\Controller\ControllerBase; use Drupal\Core\Database\Connection; @@ -241,14 +240,6 @@ '#theme' => 'username', '#account' => user_load($dblog->uid), ); - // Validate the event link if it is safe. - if (!SafeMarkup::isSafe($dblog->link)) { - $event_link = Xss::filterAdmin($dblog->link); - } - else { - $event_link = $dblog->link; - } - $rows = array( array( array('data' => $this->t('Type'), 'header' => TRUE), @@ -286,7 +277,7 @@ ), array( array('data' => $this->t('Operations'), 'header' => TRUE), - $event_link, + SafeMarkup::checkAdminXss($dblog->link), ), ); $build['dblog_table'] = array( diff -u b/core/modules/dblog/src/Tests/DbLogTest.php b/core/modules/dblog/src/Tests/DbLogTest.php --- b/core/modules/dblog/src/Tests/DbLogTest.php +++ b/core/modules/dblog/src/Tests/DbLogTest.php @@ -134,7 +134,22 @@ * @param int $count * Number of watchdog entries to generate. * @param array $options - * (optional) An array of options that override the default values. + * These options are used to override the defaults for the test. + * An associative array containing any of the following keys: + * - 'channel': String identifying the log channel to be output to. + * If the channel is not set, the default of 'custom' will be used. + * - 'message': String containing a message to be output to the log. + * A simple default message is used if not provided. + * - 'variables': Array of variables that match the message string + * - 'severity': Log severity level as defined in logging_severity_levels + * - 'link': String linking to view the result of the event + * - 'user': String identifying the username + * - 'uid': Int identifying the user id for the user + * - 'request_uri': String identifying the location of the request. + * - 'referer': String identifying the referring url + * - 'ip': String The ip address of the client machine triggering the log + * entry + * - 'timestamp': Int unix timestamp */ private function generateLogEntries($count, $options = array()) { global $base_root; @@ -155,14 +170,9 @@ ); $logger = $this->container->get('logger.dblog'); - if ($count > 1) { - $message = $log['message'] . ' Entry #'; - for ($i = 0; $i < $count; $i++) { - $log['message'] = $message . $i; - $logger->log($log['severity'], $log['message'], $log); - } - } - else { + $message = $log['message'] . ' Entry #'; + for ($i = 0; $i < $count; $i++) { + $log['message'] = $message . $i; $logger->log($log['severity'], $log['message'], $log); } }