Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
Line 71 of the module currently uses:
drupal_set_message(check_plain($logout_message));
This results in any html markup (eg, links) being rendered as plaintext.
This can be fixed by using filter_xss instead:
drupal_set_message(filter_xss($logout_message));
This is a useful ability for messages like:
You have logged out successfully. Log in again?
You have logged out successfully. <a href="/user">Log in again?</a>
Comment | File | Size | Author |
---|---|---|---|
#3 | 2772439-check-plain-strips-html-3-7.x-1.1.patch | 641 bytes | Prashant.c |
Comments
Comment #2
DedSec CreditAttribution: DedSec commentedComment #3
Prashant.cPatch needs to be reviewed.
Comment #4
Sumit kumar CreditAttribution: Sumit kumar at gai Technologies Pvt Ltd commentedI have tested the link is appearing and text is also translatable.
Thanks
Comment #6
Prashant.c@sumit
Thanks for testing.