Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Careless use of decode_entities() can result in security vulnerabilities. Patch to add a warning to the doxygen comments, as well as some doc clean-up.
Comment | File | Size | Author |
---|---|---|---|
#7 | decode_entities_d6.patch | 1.23 KB | mr.baileys |
#3 | decode_entities.patch | 1.24 KB | mr.baileys |
decode_entities.patch | 1.24 KB | mr.baileys | |
Comments
Comment #1
Damien Tournoud CreditAttribution: Damien Tournoud commentedThat's a reasonable improvement.
Comment #2
jbrown CreditAttribution: jbrown commentedit should be @return , not @returns
Comment #3
mr.baileysIndeed it should, thanks!
Comment #4
Damien Tournoud CreditAttribution: Damien Tournoud commentedGood catch.
Comment #5
Dries CreditAttribution: Dries commentedCommitted to CVS HEAD. Thanks.
Comment #6
Damien Tournoud CreditAttribution: Damien Tournoud commentedLet's consider a backport to D6.
Comment #7
mr.baileysStraight backport
Comment #8
Damien Tournoud CreditAttribution: Damien Tournoud commentedDoesn't hurt to get into D6 too, I believe.
Comment #9
Gábor HojtsyCommitted thank you!