Mercurial > hg > isophonics-drupal-site
view core/lib/Drupal/Component/Render/HtmlEscapedText.php @ 13:5fb285c0d0e3
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've
been lucky to get away with this so far, as we don't support self-registration
which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5
was vulnerable to.
| author | Chris Cannam |
|---|---|
| date | Mon, 23 Apr 2018 09:33:26 +0100 |
| parents | 4c8ae668cc8c |
| children | 129ea1e6d783 |
line wrap: on
line source
<?php namespace Drupal\Component\Render; use Drupal\Component\Utility\Html; use Drupal\Component\Utility\Unicode; /** * Escapes HTML syntax characters to HTML entities for display in markup. * * This class can be used to provide theme engine-like late escaping * functionality. * * @ingroup sanitization */ class HtmlEscapedText implements MarkupInterface, \Countable { /** * The string to escape. * * @var string */ protected $string; /** * Constructs an HtmlEscapedText object. * * @param $string * The string to escape. This value will be cast to a string. */ public function __construct($string) { $this->string = (string) $string; } /** * {@inheritdoc} */ public function __toString() { return Html::escape($this->string); } /** * {@inheritdoc} */ public function count() { return Unicode::strlen($this->string); } /** * {@inheritdoc} */ public function jsonSerialize() { return $this->__toString(); } }