Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Similarly to #2201703: Strip HTML in hook_node_operations(), flag labels with HTML in them display raw HTML when used in a confirm form button. The forthcoming patch passes the label through strip_tags().
| Comment | File | Size | Author |
|---|---|---|---|
| #3 | 2255199.flag_.flag-confirm-form-strip-tags.patch | 3.01 KB | joachim |
| #3 | 2255199.flag_.flag-confirm-form-strip-tags-tests-only.patch | 2.4 KB | joachim |
| #1 | flag-strip-tags-confirm-form-2255199.patch | 625 bytes | jhedstrom |
Comments
Comment #1
jhedstromAnd the patch.
Comment #2
joachim CreditAttribution: joachim commentedLooks like the right thing to do.
I was thinking it would be nice to have tests for this, and I tried changing FlagLinkTypeConfirmTestCase to have some HTML in its flag link text, but I can't figure out how assertLink() is meant to work when the link text contains HTML. Neither including it in the parameter nor stripping it seems to work!!
Comment #3
joachim CreditAttribution: joachim commentedFigured it out -- well a workaround at least.
Here's two patches: one is just the changes to tests, and should fail. The other adds in the changes from patch #1.
Comment #5
joachim CreditAttribution: joachim commentedPerfect.
Committing.
Thanks for reporting & fixing!