diff -u b/core/modules/dblog/src/Controller/DbLogController.php b/core/modules/dblog/src/Controller/DbLogController.php
--- b/core/modules/dblog/src/Controller/DbLogController.php
+++ b/core/modules/dblog/src/Controller/DbLogController.php
@@ -354,7 +354,7 @@
else {
$message = FALSE;
}
- return ($message) ? Xss::filterAdmin($message) : FALSE;
+ return $message;
}
/**
diff -u b/core/modules/dblog/src/Tests/DbLogTest.php b/core/modules/dblog/src/Tests/DbLogTest.php
--- b/core/modules/dblog/src/Tests/DbLogTest.php
+++ b/core/modules/dblog/src/Tests/DbLogTest.php
@@ -281,24 +281,6 @@
// Check if the link exists (unescaped).
$this->assertRaw($link);
-
- // Check for XSS filtering.
- $js_txt = 'This should not pop up!';
- $js = '';
- $this->generateLogEntries(1, array(
- 'message' => $message,
- 'link' => $link . $js,
- ));
-
- $result = db_query_range('SELECT wid FROM {watchdog} ORDER BY wid DESC', 0, 1);
- $this->drupalGet('admin/reports/dblog/event/' . $result->fetchField());
-
- // Check if the link exists (unescaped).
- $this->assertRaw($link);
-
- // Check if javascript was escaped.
- $this->assertNoRaw($js, 'Detail view: javascript in link is blocked');
- $this->assertRaw($js_txt, 'Detail view: javascript text exists');
}
/**
@@ -320,24 +302,6 @@
// Check if the link exists (unescaped).
$this->assertRaw($message);
-
- // Check for XSS filtering.
- $js_txt = 'This should not pop up!';
- $js = '';
- $this->generateLogEntries(1, array(
- 'message' => $message . $js,
- 'link' => $link,
- ));
-
- $result = db_query_range('SELECT wid FROM {watchdog} ORDER BY wid DESC', 0, 1);
- $this->drupalGet('admin/reports/dblog/event/' . $result->fetchField());
-
- // Check if the link exists (unescaped).
- $this->assertRaw($message);
-
- // Check if javascript was escaped.
- $this->assertNoRaw($js, 'Detail view: javascript in message is blocked');
- $this->assertRaw($js_txt, 'Detail view: javascript text exists ');
}
/**