As this SafeMarkup::checkPlainis deprecated this is now replaced with Html::escape().
Refer Link: https://api.drupal.org/api/drupal/core!lib!Drupal!Component!Utility!Safe...

Files: 

Comments

Pradnya Pingat created an issue. See original summary.

Pradnya Pingat’s picture

Assigned: Pradnya Pingat » Unassigned
Status: Active » Needs review
FileSize
21.89 KB

Patch Added.

Status: Needs review » Needs work

The last submitted patch, 2: 2799215-2.patch, failed testing.

TR’s picture

Priority: Normal » Minor
Issue tags: -drupal8

Please read https://www.drupal.org/node/2549395 and the links referenced there. D8 text sanitation has been changed drastically many times in the past few years, and this is not a situation where you can blindly replace one for the other especially for code that has been ported like Ubercart. This task requires careful consideration and additional tests written to make sure that the text is properly and securely handled without introducing double encoding. At a very minimum it requires examining all the changed output manually to ensure that the behavior hasn't changed.

The remaining checkPlain() in the Ubercart code base are still there for several reasons, primarily because some of that code hasn't been fully ported to D8 and/or *won't* be ported to D8. For example, uc_ups cannot be enabled right now because we have marked it as not yet ported, and uc_report will not be ported, it is to be replaced by specially-built views.

Note that "deprecated" in this case means that the checkPlain() method will be removed in Drupal 9, which is probably 5 years from now. There's no immediate need to change anything - it's far more important to do this correctly and to re-write things as necessary to avoid the need to sanitize, if possible, or to defer the sanitation to Twig.

Pradnya Pingat’s picture

Sorry my bad.