public static function Xss::filterAdmin

Applies a very permissive XSS/HTML filter for admin-only use.

Use only for fields where it is impractical to use the whole filter system, but where some (mainly inline) mark-up is desired (so check_plain() is not acceptable).

Allows all tags that can be used inside an HTML body, save for scripts and styles.

Parameters

string $string: The string to apply the filter to.

Return value

string The filtered string.

4 calls to Xss::filterAdmin()
filter_xss_admin in drupal/core/includes/common.inc
Applies a very permissive XSS/HTML filter for admin-only use.
MessageAction::execute in drupal/core/modules/action/lib/Drupal/action/Plugin/Action/MessageAction.php
Executes the plugin.
XssTest::testFilterXSSAdmin in drupal/core/tests/Drupal/Tests/Component/Utility/XssTest.php
Checks that Xss::filterAdmin() correctly strips unallowed tags.
XssTest::testFilterXssAdminNotNormalized in drupal/core/tests/Drupal/Tests/Component/Utility/XssTest.php
Tests the loose, admin HTML filter.

File

drupal/core/lib/Drupal/Component/Utility/Xss.php, line 102
Contains \Drupal\Component\Utility\Xss.

Class

Xss
Provides helper to filter for cross-site scripting.

Namespace

Drupal\Component\Utility

Code

public static function filterAdmin($string) {
  return static::filter($string, static::$adminTags);
}