Problem/Motivation

Using |raw is a bad security practice and it is almost never necessary with Drupal: https://www.drupal.org/docs/develop/theming-drupal/twig-in-drupal/filter...

Steps to reproduce

If the variable contains HTML that should not be escaped, it should be a Markup object instead.

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

Comments

prudloff created an issue. See original summary.

prudloff’s picture

Status: Active » Needs review
p-neyens’s picture

Status: Needs review » Fixed

Now that this issue is closed, review the contribution record.

As a contributor, attribute any organization that helped you, or if you volunteered your own time.

Maintainers, credit people who helped resolve this issue.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.