Commit f13b2d59 authored by catch's avatar catch
Browse files

Revert "Issue #2560641 by alexpott, lauriii, Xano, borisson_, ianthomas_uk:...

Revert "Issue #2560641 by alexpott, lauriii, Xano, borisson_, ianthomas_uk: Remove all usages SafeMarkup::checkPlain() from render arrays"

This reverts commit 31007609.
parent 31007609
......@@ -20,7 +20,6 @@
use Drupal\Core\Theme\ThemeSettings;
use Drupal\Component\Utility\NestedArray;
use Drupal\Core\Render\Element;
use Drupal\Core\Render\SafeString;
/**
* @defgroup content_flags Content markers
......@@ -1242,8 +1241,7 @@ function template_preprocess_html(&$variables) {
}
if (!empty($variables['page']['#title'])) {
$head_title = array(
// Marking the title as safe since it has had the tags stripped.
'title' => SafeString::create(trim(strip_tags($variables['page']['#title']))),
'title' => trim(strip_tags($variables['page']['#title'])),
'name' => $site_config->get('name'),
);
}
......
......@@ -7,7 +7,7 @@
namespace Drupal\Core\Field\Plugin\Field\FieldFormatter;
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Field\FormatterBase;
use Drupal\Core\Field\FieldItemListInterface;
......@@ -37,7 +37,7 @@ public function viewElements(FieldItemListInterface $items) {
foreach ($items as $delta => $item) {
// The text value has no text format assigned to it, so the user input
// should equal the output, including newlines.
$elements[$delta] = array('#markup' => nl2br(Html::escape($item->value)));
$elements[$delta] = array('#markup' => nl2br(SafeMarkup::checkPlain($item->value)));
}
return $elements;
......
......@@ -7,6 +7,7 @@
namespace Drupal\Core\Field\Plugin\Field\FieldFormatter;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Field\FieldItemInterface;
......@@ -122,9 +123,7 @@ protected function viewValue(FieldItemInterface $item) {
// storage by LanguageManager::getLanguages()) or in its native language
// name. That only depends on formatter settings and no language condition.
$languages = $this->getSetting('native_language') ? $this->languageManager->getNativeLanguages(LanguageInterface::STATE_ALL) : $this->languageManager->getLanguages(LanguageInterface::STATE_ALL);
return [
'#plain_text' => $item->language && isset($languages[$item->language->getId()]) ? $languages[$item->language->getId()]->getName() : ''
];
return $item->language && isset($languages[$item->language->getId()]) ? SafeMarkup::checkPlain($languages[$item->language->getId()]->getName()) : '';
}
}
......@@ -7,7 +7,7 @@
namespace Drupal\Core\Field\Plugin\Field\FieldFormatter;
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\Core\Entity\RevisionableInterface;
use Drupal\Core\Field\FieldDefinitionInterface;
......@@ -128,16 +128,16 @@ public function viewElements(FieldItemListInterface $items) {
}
foreach ($items as $delta => $item) {
$view_value = $this->viewValue($item);
$string = $this->viewValue($item);
if ($url) {
$elements[$delta] = [
'#type' => 'link',
'#title' => $view_value,
'#title' => $string,
'#url' => $url,
];
}
else {
$elements[$delta] = is_array($view_value) ? $view_value : ['#markup' => $view_value];
$elements[$delta] = ['#markup' => $string];
}
}
return $elements;
......@@ -149,15 +149,13 @@ public function viewElements(FieldItemListInterface $items) {
* @param \Drupal\Core\Field\FieldItemInterface $item
* One field item.
*
* @return array
* The textual output generated as a render array.
* @return string
* The textual output generated.
*/
protected function viewValue(FieldItemInterface $item) {
// The text value has no text format assigned to it, so the user input
// should equal the output, including newlines.
return [
'#markup' => nl2br(Html::escape($item->value))
];
return nl2br(SafeMarkup::checkPlain($item->value));
}
}
......@@ -10,6 +10,7 @@
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\NestedArray;
use Drupal\Component\Utility\SortArray;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Render\Element;
use Symfony\Component\Validator\ConstraintViolationInterface;
......@@ -84,7 +85,7 @@ public function form(FieldItemListInterface $items, array &$form, FormStateInter
if ($this->handlesMultipleValues() || isset($get_delta)) {
$delta = isset($get_delta) ? $get_delta : 0;
$element = array(
'#title' => $this->fieldDefinition->getLabel(),
'#title' => SafeMarkup::checkPlain($this->fieldDefinition->getLabel()),
'#description' => FieldFilteredString::create(\Drupal::token()->replace($this->fieldDefinition->getDescription())),
);
$element = $this->formSingleElement($items, $delta, $element, $form, $form_state);
......@@ -163,7 +164,7 @@ protected function formMultipleElements(FieldItemListInterface $items, array &$f
break;
}
$title = $this->fieldDefinition->getLabel();
$title = SafeMarkup::checkPlain($this->fieldDefinition->getLabel());
$description = FieldFilteredString::create(\Drupal::token()->replace($this->fieldDefinition->getDescription()));
$elements = array();
......@@ -178,7 +179,7 @@ protected function formMultipleElements(FieldItemListInterface $items, array &$f
// table.
if ($is_multiple) {
$element = [
'#title' => $this->t('@title (value @number)', ['@title' => $title, '@number' => $delta + 1]),
'#title' => $title . ' ' . $this->t('(value @number)', ['@number' => $delta + 1]),
'#title_display' => 'invisible',
'#description' => '',
];
......
......@@ -7,6 +7,7 @@
namespace Drupal\block;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Block\MainContentBlockPluginInterface;
use Drupal\Core\Cache\Cache;
use Drupal\Core\Cache\CacheableMetadata;
......@@ -163,6 +164,8 @@ protected static function buildPreRenderableBlock($entity, ModuleHandlerInterfac
'#block' => $entity,
];
$build['#configuration']['label'] = SafeMarkup::checkPlain($configuration['label']);
// If an alter hook wants to modify the block contents, it can append
// another #pre_render hook.
$module_handler->alter(['block_view', "block_view_$base_id"], $build, $plugin);
......
......@@ -8,6 +8,7 @@
namespace Drupal\block\Controller;
use Drupal\Component\Serialization\Json;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Block\BlockManagerInterface;
use Drupal\Core\Controller\ControllerBase;
use Drupal\Core\EventSubscriber\MainContentViewSubscriber;
......@@ -108,7 +109,7 @@ public function listBlocks(Request $request, $theme) {
'#prefix' => '<div class="block-filter-text-source">',
'#suffix' => '</div>',
];
$row['category']['data'] = $plugin_definition['category'];
$row['category']['data'] = SafeMarkup::checkPlain($plugin_definition['category']);
$links['add'] = [
'title' => $this->t('Place block'),
'url' => Url::fromRoute('block.admin_add', ['plugin_id' => $plugin_id, 'theme' => $theme]),
......
......@@ -8,6 +8,7 @@
use Drupal\Core\Asset\CssOptimizer;
use Drupal\Component\Utility\Bytes;
use Drupal\Component\Utility\Environment;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Cache\Cache;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Language\LanguageInterface;
......@@ -250,7 +251,7 @@ function color_scheme_form($complete_form, FormStateInterface $form_state, $them
if (isset($names[$name])) {
$form['palette'][$name] = array(
'#type' => 'textfield',
'#title' => $names[$name],
'#title' => SafeMarkup::checkPlain($names[$name]),
'#value_callback' => 'color_palette_color_value',
'#default_value' => $value,
'#size' => 8,
......
......@@ -7,6 +7,8 @@
namespace Drupal\comment;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Config\Entity\ConfigEntityListBuilder;
use Drupal\Core\Entity\EntityInterface;
......@@ -43,7 +45,7 @@ public function buildHeader() {
* {@inheritdoc}
*/
public function buildRow(EntityInterface $entity) {
$row['type'] = $entity->label();
$row['type'] = SafeMarkup::checkPlain($entity->label());
$row['description']['data'] = ['#markup' => $entity->getDescription()];
return $row + parent::buildRow($entity);
}
......
......@@ -7,6 +7,7 @@
namespace Drupal\config_translation\Controller;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityStorageInterface;
use Drupal\Core\Entity\EntityTypeInterface;
......@@ -69,12 +70,12 @@ public function buildRow(EntityInterface $entity) {
);
$row['theme'] = array(
'data' => $this->themes[$theme]->info['name'],
'data' => SafeMarkup::checkPlain($this->themes[$theme]->info['name']),
'class' => 'table-filter-text-source',
);
$row['category'] = array(
'data' => $plugin_definition['category'],
'data' => SafeMarkup::checkPlain($plugin_definition['category']),
'class' => 'table-filter-text-source',
);
......
......@@ -7,6 +7,7 @@
namespace Drupal\config_translation\Controller;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Component\Utility\Unicode;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityManagerInterface;
......@@ -122,7 +123,7 @@ public function buildRow(EntityInterface $entity) {
if ($this->displayBundle()) {
$bundle = $entity->get('bundle');
$row['bundle'] = array(
'data' => $this->baseEntityBundles[$bundle]['label'],
'data' => SafeMarkup::checkPlain($this->baseEntityBundles[$bundle]['label']),
'class' => 'table-filter-text-source',
);
}
......
......@@ -7,6 +7,7 @@
namespace Drupal\config_translation\Controller;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\config_translation\ConfigMapperInterface;
use Drupal\Core\Controller\ControllerBase;
use Symfony\Component\DependencyInjection\ContainerInterface;
......@@ -93,7 +94,7 @@ public function render() {
* A render array structure of fields for this mapper.
*/
public function buildRow(ConfigMapperInterface $mapper) {
$row['label'] = $mapper->getTypeLabel();
$row['label'] = SafeMarkup::checkPlain($mapper->getTypeLabel());
$row['operations']['data'] = $this->buildOperations($mapper);
return $row;
}
......
......@@ -7,6 +7,7 @@
namespace Drupal\config_translation\Tests;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\language\Entity\ConfigurableLanguage;
use Drupal\simpletest\WebTestBase;
......@@ -102,7 +103,7 @@ public function testMapperListPage() {
$base_url = 'admin/structure/config_test/manage/' . $test_entity->id();
$this->drupalGet('admin/config/regional/config-translation/config_test');
$this->assertLinkByHref($base_url . '/translate');
$this->assertEscaped($test_entity->label());
$this->assertText(SafeMarkup::checkPlain($test_entity->label()));
// Make sure there is only a single 'Translate' operation for each
// dropbutton.
......
......@@ -753,9 +753,9 @@ public function testFieldConfigTranslation() {
$this->clickLink('Add');
$this->assertText('Translatable field setting');
$this->assertEscaped($translatable_field_setting);
$this->assertRaw(SafeMarkup::checkPlain($translatable_field_setting));
$this->assertText('Translatable storage setting');
$this->assertEscaped($translatable_storage_setting);
$this->assertRaw(SafeMarkup::checkPlain($translatable_storage_setting));
}
/**
......
......@@ -11,6 +11,7 @@
use Drupal\contact\ContactFormInterface;
use Drupal\Core\Render\RendererInterface;
use Drupal\user\UserInterface;
use Drupal\Component\Utility\SafeMarkup;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
......@@ -86,7 +87,7 @@ public function contactSitePage(ContactFormInterface $contact_form = NULL) {
));
$form = $this->entityFormBuilder()->getForm($message);
$form['#title'] = $contact_form->label();
$form['#title'] = SafeMarkup::checkPlain($contact_form->label());
$form['#cache']['contexts'][] = 'user.permissions';
$this->renderer->addCacheableDependency($form, $config);
return $form;
......
......@@ -8,7 +8,9 @@
namespace Drupal\dblog\Controller;
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Component\Utility\Unicode;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Controller\ControllerBase;
use Drupal\Core\Database\Connection;
use Drupal\Core\Datetime\DateFormatter;
......@@ -281,7 +283,7 @@ public function eventDetails($event_id) {
),
array(
array('data' => $this->t('Hostname'), 'header' => TRUE),
$dblog->hostname,
SafeMarkup::checkPlain($dblog->hostname),
),
array(
array('data' => $this->t('Operations'), 'header' => TRUE),
......
......@@ -51,7 +51,7 @@ public function testUuidStringFormatter() {
$render_array = $uuid_field->view(['settings' => ['link_to_entity' => TRUE]]);
$this->assertIdentical($render_array[0]['#type'], 'link');
$this->assertIdentical($render_array[0]['#title']['#markup'], $entity->uuid());
$this->assertIdentical($render_array[0]['#title'], $entity->uuid());
$this->assertIdentical($render_array[0]['#url']->toString(), $entity->url());
}
......
......@@ -8,6 +8,7 @@
namespace Drupal\field_ui;
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Core\Config\Entity\ConfigEntityListBuilder;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityManagerInterface;
......@@ -130,7 +131,7 @@ public function buildRow(EntityInterface $field_config) {
$row = array(
'id' => Html::getClass($field_config->getName()),
'data' => array(
'label' => $field_config->getLabel(),
'label' => SafeMarkup::checkPlain($field_config->getLabel()),
'field_name' => $field_config->getName(),
'field_type' => array(
'data' => array(
......
......@@ -56,17 +56,17 @@ public function viewElements(FieldItemListInterface $items) {
}
foreach ($items as $delta => $item) {
$view_value = $this->viewValue($item);
$string = $this->viewValue($item);
if ($url) {
$elements[$delta] = [
'#type' => 'link',
'#title' => $view_value,
'#title' => $string,
'#url' => Url::fromUri($url),
];
}
else {
$elements[$delta] = is_array($view_value) ? $view_value : ['#markup' => $view_value];
$elements[$delta] = is_array($string) ? $string : ['#markup' => $string];
}
}
......
......@@ -7,6 +7,7 @@
namespace Drupal\file\Plugin\Field\FieldWidget;
use Drupal\Component\Utility\SafeMarkup;
use Drupal\Component\Utility\NestedArray;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Field\FieldFilteredString;
......@@ -118,7 +119,7 @@ protected function formMultipleElements(FieldItemListInterface $items, array &$f
break;
}
$title = $this->fieldDefinition->getLabel();
$title = SafeMarkup::checkPlain($this->fieldDefinition->getLabel());
$description = FieldFilteredString::create($this->fieldDefinition->getDescription());
$elements = array();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment