diff options
| author | webchick <webchick@24967.no-reply.drupal.org> | 2011-07-03 11:00:20 -0700 |
|---|---|---|
| committer | webchick <webchick@24967.no-reply.drupal.org> | 2011-07-03 11:00:20 -0700 |
| commit | 6923d2aa2a6c77aa732a09d6da55cbdf5ee4f0fe (patch) | |
| tree | 9a2629d622320e3224255883e72b1a23169ab17a | |
| parent | d527a06e637fc3b90d5a2fb24e59531bda5af914 (diff) | |
| download | brdo-6923d2aa2a6c77aa732a09d6da55cbdf5ee4f0fe.tar.gz brdo-6923d2aa2a6c77aa732a09d6da55cbdf5ee4f0fe.tar.bz2 | |
Issue #1179582 by dalin: Changed l() documentation should mention that sanitization is not performed when HTML => TRUE.
| -rw-r--r-- | includes/common.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/includes/common.inc b/includes/common.inc index 9b582c446..a2768a51e 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -2291,7 +2291,9 @@ function drupal_attributes(array $attributes = array()) { * to work in a call to drupal_attributes($options['attributes']). * - 'html' (default FALSE): Whether $text is HTML or just plain-text. For * example, to make an image tag into a link, this must be set to TRUE, or - * you will see the escaped HTML image tag. + * you will see the escaped HTML image tag. $text is not sanitized if + * 'html' is TRUE. The calling function must ensure that $text is already + * safe. * - 'language': An optional language object. If the path being linked to is * internal to the site, $options['language'] is used to determine whether * the link is "active", or pointing to the current page (the language as |