The follow is from the current SafeMarkup class docblock,

 * This class should be limited to internal use only. Module developers should
 * instead use the appropriate
 * @link sanitization sanitization functions @endlink or the
 * @link theme_render theme and render systems @endlink so that the output can
 * can be themed, escaped, and altered properly.

Since this was written core has moved on a lot and now SafeMarkup contains most of the sanitisation methods. Also considering the importance of using SafeMarkup functions correctly I think the documentation should have helpful examples for developers.

Comments

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
commented
Title: Improve document SafeMarkup class » Improve SafeMarkup class documentation
Related issues: +#2506195: Remove SafeMarkup::set() from Xss::filter()
xjm’s picture

xjm
she/her
Primary language English
commented
Title: Improve SafeMarkup class documentation » Improve SafeMarkup class documentation and render/theme API documentation

Broadening the scope a bit since it makes sense to update both the class and topic docs holistically following all the recent changes.

xjm’s picture

xjm
she/her
Primary language English
commented
Title: Improve SafeMarkup class documentation and render/theme API documentation » Improve SafeMarkup class documentation and render/theme/sanitization API documentation
joelpittet’s picture

joelpittet
he/him
Primary language English
Location Vancouver
commented
Title: Improve SafeMarkup class documentation and render/theme/sanitization API documentation » Improve MarkupInterface documentation and render/theme/sanitization API documentation

Is this the correct new title for this @xjm?

joelpittet’s picture

joelpittet
he/him
Primary language English
Location Vancouver
commented
Issue tags: +rc eligible

Version: 8.0.x-dev » 8.1.x-dev

Drupal 8.0.6 was released on April 6 and is the final bugfix release for the Drupal 8.0.x series. Drupal 8.0.x will not receive any further development aside from security fixes. Drupal 8.1.0-rc1 is now available and sites should prepare to update to 8.1.0.

Bug reports should be targeted against the 8.1.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.2.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

xjm’s picture

xjm
she/her
Primary language English
commented
Related issues: +#2575551: Document the Drupal 8 sanitization API in the API docs and on Drupal.org

This is related to (maybe a child or duplicate of) #2575551: Document the Drupal 8 sanitization API in the API docs and on Drupal.org.

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
commented
Status: Active » Closed (duplicate)

Discussed with @xjm, @cottser, @joelpittet. We decided this is a duplicate of #2575551: Document the Drupal 8 sanitization API in the API docs and on Drupal.org