authorDries2012-07-29 13:26:11 (GMT)
committerDries2012-07-29 13:26:11 (GMT)
commit12ef20ce849ed710a49dde96b581b2efbd33629b (patch)
tree9a50a47d5ecb04c3e33aba561ed44da3276c6830
parentf82ad8740ffb7e3f70b0f30a59caffcc6f1babfc (diff)
- Patch #461938 by c960657, Kars-T, Garrett Albright, dsdeiz, JamesAn, grendzy: Fixed inconsistent use of filter_xss_admin() on the site name and site slogan.
-rw-r--r--core/includes/theme.inc14
-rw-r--r--core/modules/system/lib/Drupal/system/Tests/System/TokenReplaceTest.php2
-rw-r--r--core/modules/system/system.tokens.inc2
-rw-r--r--core/themes/bartik/template.php4
4 files changed, 11 insertions, 11 deletions
diff --git a/core/includes/theme.inc b/core/includes/theme.inc
index 84e2ec7..8977faf 100644
--- a/core/includes/theme.inc
+++ b/core/includes/theme.inc
@@ -2485,7 +2485,7 @@ function template_preprocess_html(&$variables) {
else {
$head_title = array('name' => check_plain($site_config->get('name')));
if ($site_config->get('slogan')) {
- $head_title['slogan'] = filter_xss_admin($site_config->get('slogan'));
+ $head_title['slogan'] = strip_tags(filter_xss_admin($site_config->get('slogan')));
}
}
$variables['head_title_array'] = $head_title;
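Review bot: The new `strip_tags(filter_xss_admin(...))` on the slogan has no comment saying why two filters are stacked, and the same expression is repeated in the first `template_preprocess_maintenance_page()` hunk. A reader cannot tell from the line that the slogan may carry admin-filtered markup on the page while the head title parts are kept tag-free. I would add above the assignment `// The slogan may contain markup allowed by filter_xss_admin(); strip the tags because the head title is plain text.` The enclosing function starts and ends outside the hunk.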
@@ -2580,7 +2580,7 @@ function template_preprocess_page(&$variables) {
$variables['main_menu'] = theme_get_setting('toggle_main_menu') ? menu_main_menu() : array();
$variables['secondary_menu'] = theme_get_setting('toggle_secondary_menu') ? menu_secondary_menu() : array();
$variables['action_links'] = menu_local_actions();
- $variables['site_name'] = (theme_get_setting('toggle_name') ? filter_xss_admin($site_config->get('name')) : '');
+ $variables['site_name'] = (theme_get_setting('toggle_name') ? check_plain($site_config->get('name')) : '');
$variables['site_slogan'] = (theme_get_setting('toggle_slogan') ? filter_xss_admin($site_config->get('slogan')) : '');
$variables['tabs'] = menu_local_tabs();
@@ -2771,13 +2771,13 @@ function template_preprocess_maintenance_page(&$variables) {
if (drupal_get_title()) {
$head_title = array(
'title' => strip_tags(drupal_get_title()),
- 'name' => $site_name,
+ 'name' => check_plain($site_name),
);
}
else {
- $head_title = array('name' => $site_name);
+ $head_title = array('name' => check_plain($site_name));
if ($site_slogan) {
- $head_title['slogan'] = $site_slogan;
+ $head_title['slogan'] = strip_tags(filter_xss_admin($site_slogan));
}
}
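Review bot: `check_plain($site_name)` is now written out at every use in this function (both `head_title` branches here, and again for `$variables['site_name']` in the next hunk), so any later use of the raw `$site_name` has to remember to escape it. Escaping once where `$site_name` is assigned, which is outside this hunk, would leave a single place to audit. `$site_slogan` has to stay raw because it is filtered differently for the title and for the page. If escaping at each use is preferred, a comment at the assignment such as `// Raw config values: escape at every use.` would record that contract.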
@@ -2794,8 +2794,8 @@ function template_preprocess_maintenance_page(&$variables) {
$variables['messages'] = $variables['show_messages'] ? theme('status_messages') : '';
$variables['main_menu'] = array();
$variables['secondary_menu'] = array();
- $variables['site_name'] = (theme_get_setting('toggle_name') ? $site_name : '');
- $variables['site_slogan'] = (theme_get_setting('toggle_slogan') ? $site_slogan : '');
+ $variables['site_name'] = (theme_get_setting('toggle_name') ? check_plain($site_name) : '');
+ $variables['site_slogan'] = (theme_get_setting('toggle_slogan') ? filter_xss_admin($site_slogan) : '');
$variables['tabs'] = '';
$variables['title'] = drupal_get_title();
diff --git a/core/modules/system/lib/Drupal/system/Tests/System/TokenReplaceTest.php b/core/modules/system/lib/Drupal/system/Tests/System/TokenReplaceTest.php
index c329b96..a78c4ce 100644
--- a/core/modules/system/lib/Drupal/system/Tests/System/TokenReplaceTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/System/TokenReplaceTest.php
@@ -119,7 +119,7 @@ class TokenReplaceTest extends WebTestBase {
// Generate and test sanitized tokens.
$tests = array();
$tests['[site:name]'] = check_plain(config('system.site')->get('name'));
- $tests['[site:slogan]'] = check_plain(config('system.site')->get('slogan'));
+ $tests['[site:slogan]'] = filter_xss_admin(config('system.site')->get('slogan'));
$tests['[site:mail]'] = 'simpletest@example.com';
$tests['[site:url]'] = url('<front>', $url_options);
$tests['[site:url-brief]'] = preg_replace(array('!^https?://!', '!/$!'), '', url('<front>', $url_options));
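Review bot: The expected value for `[site:slogan]` is computed with the same `filter_xss_admin()` call the implementation now uses, so the assertion only tells the new behaviour apart from the old `check_plain()` when the configured slogan contains markup. The slogan fixture is set outside this hunk. If it is plain text, it would be worth setting it to a value with one tag the filter keeps and one it removes, and asserting the literal expected string instead of recomputing it.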
diff --git a/core/modules/system/system.tokens.inc b/core/modules/system/system.tokens.inc
index d3df60e..f9476fd 100644
--- a/core/modules/system/system.tokens.inc
+++ b/core/modules/system/system.tokens.inc
@@ -151,7 +151,7 @@ function system_tokens($type, $tokens, array $data = array(), array $options = a
case 'slogan':
$slogan = config('system.site')->get('slogan');
- $replacements[$original] = $sanitize ? check_plain($slogan) : $slogan;
+ $replacements[$original] = $sanitize ? filter_xss_admin($slogan) : $slogan;
break;
case 'mail':
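Review bot: With `$sanitize` set, `[site:slogan]` can now contain HTML tags and double quotes, where `check_plain()` previously returned an entity-encoded string. A caller that places the sanitized token inside an HTML attribute or a plain-text field would get markup there, and a quote inside a kept tag's attribute would end the surrounding attribute value. The token's description, wherever it is declared, should say that the value may contain markup. A comment on the case would also help: `// The slogan may contain admin-filtered HTML; it is not safe for attribute context.` The rest of `system_tokens()` lies outside the hunk.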
diff --git a/core/themes/bartik/template.php b/core/themes/bartik/template.php
index aefb861..decc76b 100644
--- a/core/themes/bartik/template.php
+++ b/core/themes/bartik/template.php
@@ -54,7 +54,7 @@ function bartik_process_page(&$variables) {
$variables['hide_site_slogan'] = theme_get_setting('toggle_slogan') ? FALSE : TRUE;
if ($variables['hide_site_name']) {
// If toggle_name is FALSE, the site_name will be empty, so we rebuild it.
- $variables['site_name'] = filter_xss_admin($site_config->get('name'));
+ $variables['site_name'] = check_plain($site_config->get('name'));
}
if ($variables['hide_site_slogan']) {
// If toggle_site_slogan is FALSE, the site_slogan will be empty, so we rebuild it.
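Review bot: This rebuild of `site_name` duplicates the escaping that `template_preprocess_page()` applies, and `bartik_process_maintenance_page()` carries an identical line in the next hunk. All three lines had to change in lockstep in this commit and will have to again if the escaping changes. The existing comment explains why the value is rebuilt but not that it must match core's escaping. I would extend it to `// If toggle_name is FALSE, the site_name will be empty, so we rebuild it with the same escaping core uses (check_plain()).` Both functions continue outside their hunks.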
@@ -102,7 +102,7 @@ function bartik_process_maintenance_page(&$variables) {
$variables['hide_site_slogan'] = theme_get_setting('toggle_slogan') ? FALSE : TRUE;
if ($variables['hide_site_name']) {
// If toggle_name is FALSE, the site_name will be empty, so we rebuild it.
- $variables['site_name'] = filter_xss_admin($site_config->get('name'));
+ $variables['site_name'] = check_plain($site_config->get('name'));
}
if ($variables['hide_site_slogan']) {
// If toggle_site_slogan is FALSE, the site_slogan will be empty, so we rebuild it.