Fixes #3411 output/url now has a is_trusted parameter - defaults to false

author: Cash Costello <cash.costello@gmail.com> 2011-10-08 08:22:08 -0400
committer: Cash Costello <cash.costello@gmail.com> 2011-10-08 08:22:08 -0400
commit: d5f0d44d4ddf33db2248ef0bdd44633d57c31683 (patch)
tree: f7e66db7616f844ea798bcd7357d633b691cbbec /views/default/object
parent: 996a185c557357ccd3f5c257d17699eb874e1898 (diff)
download: elgg-d5f0d44d4ddf33db2248ef0bdd44633d57c31683.tar.gz
elgg-d5f0d44d4ddf33db2248ef0bdd44633d57c31683.tar.bz2
6 files changed, 27 insertions, 15 deletions
diff --git a/views/default/object/admin_notice.php b/views/default/object/admin_notice.php
index 086eddb1f..11524567e 100644
--- a/views/default/object/admin_notice.php
+++ b/views/default/object/admin_notice.php
@@ -11,7 +11,8 @@ if (isset($vars['entity']) && elgg_instanceof($vars['entity'], 'object', 'admin_
 		'href' => "action/admin/delete_admin_notice?guid=$notice->guid",
 		'text' => '<span class="elgg-icon elgg-icon-delete"></span>',
 		'is_action' => true,
-		'class' => 'elgg-admin-notice'
+		'class' => 'elgg-admin-notice',
+		'is_trusted' => true,
 	));
 
 	echo "<p>$delete$message</p>";
diff --git a/views/default/object/default.php b/views/default/object/default.php
index a50f19387..a9c3e15ca 100644
--- a/views/default/object/default.php
+++ b/views/default/object/default.php
@@ -28,6 +28,7 @@ if ($owner) {
 	$owner_link = elgg_view('output/url', array(
 		'href' => $owner->getURL(),
 		'text' => $owner->name,
+		'is_trusted' => true,
 	));
 }
 
diff --git a/views/default/object/elements/summary.php b/views/default/object/elements/summary.php
index 10cf0b148..3ca4de2be 100644
--- a/views/default/object/elements/summary.php
+++ b/views/default/object/elements/summary.php
@@ -29,6 +29,7 @@ if ($title_link === '') {
 	$params = array(
 		'text' => $text,
 		'href' => $entity->getURL(),
+		'is_trusted' => true,
 	);
 	$title_link = elgg_view('output/url', $params);
 }
diff --git a/views/default/object/plugin/advanced.php b/views/default/object/plugin/advanced.php
index 1fabaff04..db4e4dbcc 100644
--- a/views/default/object/plugin/advanced.php
+++ b/views/default/object/plugin/advanced.php
@@ -40,9 +40,10 @@ if ($reordering) {
 		));
 
 		$links .= "<li>" . elgg_view('output/url', array(
-			'href' 		=> $top_url,
-			'text'		=> elgg_echo('top'),
-			'is_action'	=> true
+			'href' => $top_url,
+			'text' => elgg_echo('top'),
+			'is_action' => true,
+			'is_trusted' => true,
 		)) . "</li>";
 
 		$up_url = elgg_http_add_url_query_elements($actions_base . 'set_priority', array(
@@ -52,9 +53,10 @@ if ($reordering) {
 		));
 
 		$links .= "<li>" . elgg_view('output/url', array(
-			'href' 		=> $up_url,
-			'text'		=> elgg_echo('up'),
-			'is_action'	=> true
+			'href' => $up_url,
+			'text' => elgg_echo('up'),
+			'is_action' => true,
+			'is_trusted' => true,
 		)) . "</li>";
 	}
 
@@ -67,9 +69,10 @@ if ($reordering) {
 		));
 
 		$links .= "<li>" . elgg_view('output/url', array(
-			'href' 		=> $down_url,
-			'text'		=> elgg_echo('down'),
-			'is_action'	=> true
+			'href' => $down_url,
+			'text' => elgg_echo('down'),
+			'is_action'	=> true,
+			'is_trusted' => true,
 		)) . "</li>";
 
 		$bottom_url = elgg_http_add_url_query_elements($actions_base . 'set_priority', array(
@@ -81,7 +84,8 @@ if ($reordering) {
 		$links .= "<li>" . elgg_view('output/url', array(
 			'href' 		=> $bottom_url,
 			'text'		=> elgg_echo('bottom'),
-			'is_action'	=> true
+			'is_action'	=> true,
+			'is_trusted' => true,
 		)) . "</li>";
 	}
 } else {
@@ -93,7 +97,8 @@ if ($reordering) {
 
 // always let them deactivate
 $options = array(
-	'is_action' => true
+	'is_action' => true,
+	'is_trusted' => true,
 );
 if ($active) {
 	$active_class = 'elgg-state-active';
@@ -163,7 +168,8 @@ $author = '<span>' . elgg_echo('admin:plugins:label:author') . '</span>: '
 $version = htmlspecialchars($plugin->getManifest()->getVersion());
 $website = elgg_view('output/url', array(
 	'href' => $plugin->getManifest()->getWebsite(),
-	'text' => $plugin->getManifest()->getWebsite()
+	'text' => $plugin->getManifest()->getWebsite(),
+	'is_trusted' => true,
 ));
 
 $copyright = elgg_view('output/text', array('value' => $plugin->getManifest()->getCopyright()));
@@ -179,7 +185,8 @@ if ($files) {
 		$url = 'admin_plugin_text_file/' . $plugin->getID() . "/$file";
 		$link = elgg_view('output/url', array(
 			'text' => $file,
-			'href' => $url
+			'href' => $url,
+			'is_trusted' => true,
 		));
 		$docs .= "<li>$link</li>";
 
diff --git a/views/default/object/plugin/simple.php b/views/default/object/plugin/simple.php
index f4cc944f4..4d392e71a 100644
--- a/views/default/object/plugin/simple.php
+++ b/views/default/object/plugin/simple.php
@@ -49,7 +49,8 @@ foreach ($files as $file => $path) {
 	$url = 'admin_plugin_text_file/' . $plugin->getID() . "/$file";
 	$link = elgg_view('output/url', array(
 		'text' => $file,
-		'href' => $url
+		'href' => $url,
+		'is_trusted' => true,
 	));
 	$plugin_footer .= "<li>$link</li>";
 
diff --git a/views/default/object/widget/elements/controls.php b/views/default/object/widget/elements/controls.php
index abf2154fc..6d06d28bc 100644
--- a/views/default/object/widget/elements/controls.php
+++ b/views/default/object/widget/elements/controls.php
@@ -24,6 +24,7 @@ if ($widget->canEdit()) {
 		'title' => elgg_echo('widget:delete', array($widget->getTitle())),
 		'href' => "action/widgets/delete?guid=$widget->guid",
 		'is_action' => true,
+		'is_trusted' => true,
 		'class' => 'elgg-widget-delete-button',
 		'id' => "elgg-widget-delete-button-$widget->guid"
 	);
author	Cash Costello <cash.costello@gmail.com>	2011-10-08 08:22:08 -0400
committer	Cash Costello <cash.costello@gmail.com>	2011-10-08 08:22:08 -0400
commit	d5f0d44d4ddf33db2248ef0bdd44633d57c31683 (patch)
tree	f7e66db7616f844ea798bcd7357d633b691cbbec /views/default/object
parent	996a185c557357ccd3f5c257d17699eb874e1898 (diff)
download	elgg-d5f0d44d4ddf33db2248ef0bdd44633d57c31683.tar.gz elgg-d5f0d44d4ddf33db2248ef0bdd44633d57c31683.tar.bz2