diff options
| author | Dries Buytaert <dries@buytaert.net> | 2010-06-09 14:55:30 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2010-06-09 14:55:30 +0000 |
| commit | e4afcae139ec1770a27ff9e2fc3d8bfbd858b04f (patch) | |
| tree | 87499f203a1cff9e6420d8a563789f418d376476 | |
| parent | 30434bbc74b2709b66e5f95789a941496f5b1fea (diff) | |
| download | brdo-e4afcae139ec1770a27ff9e2fc3d8bfbd858b04f.tar.gz brdo-e4afcae139ec1770a27ff9e2fc3d8bfbd858b04f.tar.bz2 | |
- Patch #819844 by agentrickard: better documentation for url_is_external().
| -rw-r--r-- | includes/common.inc | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/includes/common.inc b/includes/common.inc index a301f3404..13d9862b8 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -2091,7 +2091,16 @@ function url($path = NULL, array $options = array()) { } /** - * Return TRUE if a path is external (e.g. http://example.com). + * Return TRUE if a path is external to Drupal (e.g. http://example.com). + * + * If a path cannot be assessed by Drupal's menu handler, then we must + * treat it as potentially insecure. + * + * @param $path + * The internal path or external URL being linked to, such as "node/34" or + * "http://example.com/foo". + * @return + * Boolean TRUE or FALSE, where TRUE indicates an external path. */ function url_is_external($path) { $colonpos = strpos($path, ':'); |