Problem/Motivation
drupal_set_message(t('whatever') is a common pattern in contrib. We are currently double-escaping this strings if they contain links, even if we use the recommended way ([#322774])
We need to allow this or document the proper way of getting the same message.
Proposed resolution
TBD
Remaining tasks
TBD
Comment | File | Size | Author |
---|---|---|---|
#8 | Translations for Content view Site-Install.png | 31.41 KB | penyaskito |
#3 | Screen Shot 2014-08-23 at 12.59.14 PM.png | 85.5 KB | webchick |
Comments
Comment #1
xjmHm, this shouldn't be happening. Anything that goes through
t()
should be in the safe list.Comment #2
penyaskitoDid a quick check, and cannot reproduce. I will check the original code that made this happen last time and see if I can reproduce it there.
Comment #3
webchickI see it during install if there's an error:
Comment #4
iMiksuI also get during installation when it reports that settings.php is not writeable.
Comment #5
sunClearly a release blocker.
Comment #6
Damien Tournoud CreditAttribution: Damien Tournoud commentedSee #2317281: Double escaping of install errors for the installation process.
drupal_set_message(t())
is not a problem by design.Comment #7
jibranComment #8
penyaskitoSorry, but I'm reopening this one again.
This code double-escapes the message, as seen on #2139185: Notify users when landing on config translation page with only one language listed:
Edited: wrong embedded image
Comment #9
penyaskitoInteresting,
Using
@uri
instead of!uri
works. I expected it to escape the uri, not the full string.https://www.drupal.org/node/2445441 documents this properly.