Community
Support » Module Development and Code Questions

is their any equivalent check_plain() function for URL?

Posted by halloffame on November 29, 2012 at 9:36am

Is there any function I could use for URLs fields that checks for the scheme of the URL to avoid URLs with 'javascript'? We don't want users to execute unbeknownst scripts on our site now don't we?

Login or register to post comments Categories: ,

Comments

Yes, it's called check_url().

Posted by alfaguru on November 29, 2012 at 9:59am

Yes, it's called check_url(). http://api.drupal.org/api/drupal/includes%21common.inc/function/check_url/7

Also look at

Posted by alfaguru on November 29, 2012 at 10:01am

Also look at drupal_strip_dangerous_protocols().

nobody click here