diff options
| -rw-r--r-- | includes/common.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/includes/common.inc b/includes/common.inc index 9b582c446..a2768a51e 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -2291,7 +2291,9 @@ function drupal_attributes(array $attributes = array()) { * to work in a call to drupal_attributes($options['attributes']). * - 'html' (default FALSE): Whether $text is HTML or just plain-text. For * example, to make an image tag into a link, this must be set to TRUE, or - * you will see the escaped HTML image tag. + * you will see the escaped HTML image tag. $text is not sanitized if + * 'html' is TRUE. The calling function must ensure that $text is already + * safe. * - 'language': An optional language object. If the path being linked to is * internal to the site, $options['language'] is used to determine whether * the link is "active", or pointing to the current page (the language as |