Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Line 71 of the module currently uses:
drupal_set_message(check_plain($logout_message));
This results in any html markup (eg, links) being rendered as plaintext.
This can be fixed by using filter_xss instead:
drupal_set_message(filter_xss($logout_message));
This is a useful ability for messages like:
You have logged out successfully. Log in again?
You have logged out successfully. <a href="/user">Log in again?</a>
Comment | File | Size | Author |
---|---|---|---|
#3 | 2772439-check-plain-strips-html-3-7.x-1.1.patch | 641 bytes | Prashant.c |
Comments
Comment #2
DedSec CreditAttribution: DedSec commentedComment #3
Prashant.cPatch needs to be reviewed.
Comment #4
Sumit kumar CreditAttribution: Sumit kumar at gai Technologies Pvt Ltd commentedI have tested the link is appearing and text is also translatable.
Thanks
Comment #6
Prashant.c@sumit
Thanks for testing.