Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 UTC on 18 March 2024, to get $100 off your ticket.
By Jose Reyero on
Change record status:
Published (View all published change records)
Project:
Introduced in branch:
7.x-1.x
Introduced in version:
7.x-1.5
Description:
We are adding more flexible and more consistent filtering of user defined strings translations and dropping for good locale_string_is_safe(), which was not really intended for these strings.
API Changes:
- i18n_string_translate() and all related functions are now filtering translations *always* unless the 'sanitize' = FALSE option is used. The filtering defaults to 'check_plain' so translations with HTML may be displayed as plain texts.
- There's full support for two new 'pseudo-text formats', using the constants: I18N_STRING_FILTER_XSS and I18N_STRING_FILTER_XSS_ADMIN, that can be used as 'format' parameter for strings. These will run translations through the corresponding filtering function.
Two new permissions (which in addition to 'translate interface' will allow users to translate different strings):
- Translate user defined strings Generic permission required to translate any user defined string.
Translate admin strings, required for translating strings filtered through filter_xss_admin() ('format' = I18N_STRINGS_FILTER_XSS_ADMIN)
Thus, no more validation of translations when saved, but better run-time filtering before displaying them.
Impacts:
Site builders, administrators, editors
Module developers