Add new allowed HTML Tags to Drupal / TWIG XSS Filter

Problem (add 'textarea'):

Der Text, der für dieses Feld angezeigt werden soll. Es können Daten aus dieser Ansicht gemäß den untenstehenden „Ersetzungsmustern“ eingegeben werden. Twig oder die folgenden erlaubten HTML-Tags dürfen eingefügt werden: <a> <abbr> <acronym> <address> <article> <aside> <b> <bdi> <bdo> <big> <blockquote> <br> <caption> <cite> <code> <col> <colgroup> <command> <dd> <del> <details> <dfn> <div> <dl> <dt> <em> <figcaption> <figure> <footer> <h1> <h2> <h3> <h4> <h5> <h6> <header> <hgroup> <hr> <i> <img> <ins> <kbd> <li> <mark> <menu> <meter> <nav> <ol> <output> <p> <pre> <progress> <q> <rp> <rt> <ruby> <s> <samp> <section> <small> <span> <strong> <sub> <summary> <sup> <table> <tbody> <td> <tfoot> <th> <thead> <time> <tr> <tt> <u> <ul> <var> <wbr>

Solution (web\core\lib\Drupal\Component\Utility\Xss.php)

 

protected static $adminTags = ['a', 'abbr', 'acronym', 'address', 'article', 'aside', 'b', 'bdi', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'command', 'dd', 'del', 'details', 'dfn', 'div', 'dl', 'dt', 'em', 'figcaption', 'figure', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'header', 'hgroup', 'hr', 'i', 'img', 'ins', 'kbd', 'li', 'mark', 'menu', 'meter', 'nav', 'ol', 'output', 'p', 'pre', 'progress', 'q', 'rp', 'rt', 'ruby', 's', 'samp', 'section', 'small', 'span', 'strong', 'sub', 'summary', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'time', 'tr', 'tt', 'u', 'ul', 'var', 'wbr'];

Neuen Kommentar schreiben

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

Suche

Neueste Kommentare

  • 4 months ago
    [preflight] The following restricted PHP modes have non-empty values: {open_basedir}. This configuration is incompatible with drush.

    Same with Drush 13 + PHP 8.3

  • 4 months ago
    Acronis CyberProtect Agent For Linux (Strato Root Server)

    Initializing...

    Error : Failed to install the required package 'RPM' by using APT. Please install it manually. 

    Exit


    Solution:

  • 4 months ago
    Acronis CyberProtect Agent For Linux (Strato Root Server)

    So habe es installiert und dann mit Hilfe von Key/Code (über Website von Acronis Cyber Protect) aktiviert:

  • 4 months 1 week ago
    No route found for the specified format html. Supported formats: csv, json. (Drupal Routing)

    I have a view with a path like /my-content-export to export entivies as JSON or CSV.

  • 4 months 1 week ago
    InvalidArgumentException: The controller for URI "/admin/flush" is not callable.

    admin_toolbar 3.5.2 is the reason. Patch coming ...

  • 3 months ago
    PDOException: SQLSTATE[40001]: Serialization failure: 1213 Deadlock found when trying to get lock

    Drupal 10.4:

  • 5 months 1 week ago
    Server install & config : Debian 12 + Plesk + Apache + nginx + MariaDB + Solr

    Tools & Settings >> Security Policy :

     Allow only secure FTPS connections 

  • 6 months 3 weeks ago
    MariaDB Server Performance Optimieren

     

    /usr/sbin/mariadbd --help --verbose | grep "query.*size"
  • 6 months 3 weeks ago
    MariaDB Server Performance Optimieren

    Commandline:

    systemctl restart mariadb
  • 6 months 3 weeks ago
    MariaDB Server Performance Optimieren

    After my changes in /etc/mysql/db-performance.cnf