diff options
| author | Cash Costello <cash.costello@gmail.com> | 2011-10-08 08:22:08 -0400 |
|---|---|---|
| committer | Cash Costello <cash.costello@gmail.com> | 2011-10-08 08:22:08 -0400 |
| commit | d5f0d44d4ddf33db2248ef0bdd44633d57c31683 (patch) | |
| tree | f7e66db7616f844ea798bcd7357d633b691cbbec /views/default/output/url.php | |
| parent | 996a185c557357ccd3f5c257d17699eb874e1898 (diff) | |
| download | elgg-d5f0d44d4ddf33db2248ef0bdd44633d57c31683.tar.gz elgg-d5f0d44d4ddf33db2248ef0bdd44633d57c31683.tar.bz2 | |
Fixes #3411 output/url now has a is_trusted parameter - defaults to false
Diffstat (limited to 'views/default/output/url.php')
| -rw-r--r-- | views/default/output/url.php | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/views/default/output/url.php b/views/default/output/url.php index 79ab52377..81b02087d 100644 --- a/views/default/output/url.php +++ b/views/default/output/url.php @@ -10,7 +10,7 @@ * @uses string $vars['href'] The unencoded url string * @uses bool $vars['encode_text'] Run $vars['text'] through htmlspecialchars() (false) * @uses bool $vars['is_action'] Is this a link to an action (false) - * + * @uses bool $vars['is_trusted'] Is this link trusted (false) */ $url = elgg_extract('href', $vars, null); @@ -37,11 +37,20 @@ if ($url) { if (elgg_extract('is_action', $vars, false)) { $url = elgg_add_action_tokens_to_url($url, false); - unset($vars['is_action']); + } + + if (!elgg_extract('is_trusted', $vars, false)) { + if (!isset($vars['rel'])) { + $vars['rel'] = 'nofollow'; + $url = strip_tags($url); + } } $vars['href'] = $url; } +unset($vars['is_action']); +unset($vars['is_trusted']); + $attributes = elgg_format_attributes($vars); -echo "<a $attributes>$text</a>";
\ No newline at end of file +echo "<a $attributes>$text</a>"; |