‪TYPO3CMS  ‪main
Public Member Functions | Static Public Member Functions | Static Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper Class Reference
Inheritance diagram for TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper:

Public Member Functions

 initializeArguments ()
 

Static Public Member Functions

static renderStatic (array $arguments, \Closure $renderChildrenClosure, RenderingContextInterface $renderingContext)
 

Static Protected Member Functions

static createInitiator ()
 
static createSanitizer (string $build)
 

Protected Attributes

bool $escapeChildren = false
 
bool $escapeOutput = false
 

Detailed Description

Passes a given content through typo3/html-sanitizer to mitigate potential cross-site scripting occurrences. Given default build corresponds to class TYPO3\CMS\Core\Html\DefaultSanitizerBuilder declaring allowed HTML tags, attributes and their values.

Examples

Default parameters

::

<f:sanitize.html> </f:sanitize.html>

Output::

Inline notation

::

{richTextFieldContent -> f:sanitize.html(build: 'default')}

Definition at line 58 of file HtmlViewHelper.php.

Member Function Documentation

◆ createInitiator()

static TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper::createInitiator ( )
staticprotected

Definition at line 84 of file HtmlViewHelper.php.

◆ createSanitizer()

static TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper::createSanitizer ( string  $build)
staticprotected

Definition at line 89 of file HtmlViewHelper.php.

Referenced by TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper\renderStatic().

◆ initializeArguments()

TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper::initializeArguments ( )

Definition at line 69 of file HtmlViewHelper.php.

◆ renderStatic()

static TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper::renderStatic ( array  $arguments,
\Closure  $renderChildrenClosure,
RenderingContextInterface  $renderingContext 
)
static
Parameters
array{build‪string|class-string} $arguments

Definition at line 77 of file HtmlViewHelper.php.

References TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper\createSanitizer().

Member Data Documentation

◆ $escapeChildren

bool TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper::$escapeChildren = false
protected

Definition at line 63 of file HtmlViewHelper.php.

◆ $escapeOutput

bool TYPO3\CMS\Fluid\ViewHelpers\Sanitize\HtmlViewHelper::$escapeOutput = false
protected

Definition at line 67 of file HtmlViewHelper.php.