editor_filter_xss example



    // The original_format parameter will only exist when switching text format.     $original_format_id = $request->request->get('original_format_id');
    $original_format = NULL;
    if (isset($original_format_id)) {
      $original_format = $this->entityTypeManager()
        ->getStorage('filter_format')
        ->load($original_format_id);
    }

    return new JsonResponse(editor_filter_xss($value$filter_format$original_format));
  }

}
// Attach attachments for all available editors.     $element['#attached'] = BubbleableMetadata::mergeAttachments($element['#attached']$this->pluginManager->getAttachments($format_ids));

    // Apply XSS filters when editing content if necessary. Some types of text     // editors cannot guarantee that the end user won't become a victim of XSS.     if (!empty($element['value']['#value'])) {
      $original = $element['value']['#value'];
      $format = FilterFormat::load($element['format']['format']['#value']);

      // Ensure XSS-safety for the current text format/editor.       $filtered = editor_filter_xss($original$format);
      if ($filtered !== FALSE) {
        $element['value']['#value'] = $filtered;
      }

      // Only when the user has access to multiple text formats, we must add data-       // attributes for the original value and change tracking, because they are       // only necessary when the end user can switch between text formats/editors.       if ($element['format']['format']['#access']) {
        $element['value']['#attributes']['data-editor-value-is-changed'] = 'false';
        $element['value']['#attributes']['data-editor-value-original'] = $original;
      }
    }
Home | Imprint | This part of the site doesn't use cookies.