Provides helper to filter for cross-site scripting.
| Name | Modifiers | Type | Description |
|---|---|---|---|
| Xss::$adminTags | protected static | property | The list of HTML tags allowed by filterAdmin(). |
| Xss::$htmlTags | protected static | property | The default list of HTML tags allowed by filter(). |
| Xss::attributes | protected static | function | Processes a string of HTML attributes. |
| Xss::filter | public static | function | Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
| Xss::filterAdmin | public static | function | Applies a very permissive XSS/HTML filter for admin-only use. |
| Xss::getAdminTagList | public static | function | Gets the list of HTML tags allowed by Xss::filterAdmin(). |
| Xss::getHtmlTagList | public static | function | Gets the standard list of HTML tags allowed by Xss::filter(). |
| Xss::needsRemoval | protected static | function | Whether this element needs to be removed altogether. |
| Xss::split | protected static | function | Processes an HTML tag. |
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Component!Utility!Xss.php/class/Xss/8.1.x