From e52a48ae9d46a7cf2ede6068ed72c40b1285196b Mon Sep 17 00:00:00 2001
From: quietone <quietone@2572884.no-reply.drupal.org>
Date: Fri, 24 Jan 2025 19:52:09 +1300
Subject: [PATCH] change message

---
 core/modules/system/system.install | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/core/modules/system/system.install b/core/modules/system/system.install
index 2c85ec6bcf4e..5bec07f3ad98 100644
--- a/core/modules/system/system.install
+++ b/core/modules/system/system.install
@@ -704,13 +704,17 @@ function system_requirements($phase): array {
       // Check for the string which was added to the recommended .htaccess file
       // in the latest security update.
       if (!file_exists($htaccess_file) || !($contents = @file_get_contents($htaccess_file)) || !str_contains($contents, 'Drupal_Security_Do_Not_Remove_See_SA_2013_003')) {
-        $url = 'https://www.drupal.org/SA-CORE-2013-003';
         $requirements[$htaccess_file] = [
           // phpcs:ignore Drupal.Semantics.FunctionT.NotLiteralString
           'title' => new TranslatableMarkup($protected_dir->getTitle()),
           'value' => t('Not fully protected'),
           'severity' => REQUIREMENT_ERROR,
-          'description' => t('See <a href=":url">@url</a> for information about the recommended .htaccess file which should be added to the %directory directory to help protect against arbitrary code execution.', [':url' => $url, '@url' => $url, '%directory' => $protected_dir->getPath()]),
+          'description' => t('See <a href=":doc">@doc</a> for the recommended .htaccess file to add to the %directory to protect against arbitrary code execution.',
+            [
+              ':doc' => 'https://www.drupal.org/docs/installing-drupal/some-directory-not-fully-protected',
+              '@doc' => t('how to protect a directory'),
+              '%directory' => Drupal::service('file_system')->realpath($protected_dir->getPath()),
+            ]),
         ];
       }
     }
-- 
GitLab