Follow-up to #2280965: [meta] Remove every SafeMarkup::set() call

Problem/Motivation

SafeMarkup::set() is mostly for internal use only. For the most part, existing APIs like t(), String::checkPlain(), XSS::filter(), drupal_render(), etc. should be marking the things they sanitize, and markup in general should be moved into templates wherever possible so the themer has control of it.

Proposed resolution

Use \Twig_Markup in twig_drupal_join_filter since it is part of Twig and should not pollute the safe list

CommentFileSizeAuthor
#4 2553969.4.patch870 bytesalexpott
#2 2553969.2.patch869 bytesalexpott
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

alexpott created an issue. See original summary.

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Chapter Three commented
Status: Active » Needs review
FileSize
2553969.2.patch869 bytes
dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner as a volunteer and at Tag1 Consulting for Drupal Association commented
Status: Needs review » Reviewed & tested by the community

Nice!

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Chapter Three commented
FileSize
2553969.4.patch870 bytes

Tiny fix... missing leading slash.

dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner as a volunteer and at Tag1 Consulting for Drupal Association commented

Ah, I'm confused that twig is actually running old school classnames.

xjm’s picture

xjm
she/her
Primary language English
CreditAttribution: xjm at Acquia commented
Title: Use \Twig_Markup in twig_drupal_join_filter since it is part of Twig and should not pollute the safe list » Use \Twig_Markup in twig_drupal_join_filter() since it is part of Twig and should not pollute the safe list
webchick’s picture

webchick
she/they
Primary language English
Location Vancouver 🇨🇦
CreditAttribution: webchick at Acquia commented
Status: Reviewed & tested by the community » Fixed

Committed and pushed to 8.0.x. Thanks!

  • webchick committed d10622a on 8.0.x 
    Issue #2553969 by alexpott, dawehner, xjm: Use \Twig_Markup in...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.