From d5f0d44d4ddf33db2248ef0bdd44633d57c31683 Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Sat, 8 Oct 2011 08:22:08 -0400 Subject: Fixes #3411 output/url now has a is_trusted parameter - defaults to false --- views/default/object/plugin/advanced.php | 33 +++++++++++++++++++------------- views/default/object/plugin/simple.php | 3 ++- 2 files changed, 22 insertions(+), 14 deletions(-) (limited to 'views/default/object/plugin') diff --git a/views/default/object/plugin/advanced.php b/views/default/object/plugin/advanced.php index 1fabaff04..db4e4dbcc 100644 --- a/views/default/object/plugin/advanced.php +++ b/views/default/object/plugin/advanced.php @@ -40,9 +40,10 @@ if ($reordering) { )); $links .= "
  • " . elgg_view('output/url', array( - 'href' => $top_url, - 'text' => elgg_echo('top'), - 'is_action' => true + 'href' => $top_url, + 'text' => elgg_echo('top'), + 'is_action' => true, + 'is_trusted' => true, )) . "
    • "; $up_url = elgg_http_add_url_query_elements($actions_base . 'set_priority', array( @@ -52,9 +53,10 @@ if ($reordering) { )); $links .= "
  • " . elgg_view('output/url', array( - 'href' => $up_url, - 'text' => elgg_echo('up'), - 'is_action' => true + 'href' => $up_url, + 'text' => elgg_echo('up'), + 'is_action' => true, + 'is_trusted' => true, )) . "
    • "; } @@ -67,9 +69,10 @@ if ($reordering) { )); $links .= "
  • " . elgg_view('output/url', array( - 'href' => $down_url, - 'text' => elgg_echo('down'), - 'is_action' => true + 'href' => $down_url, + 'text' => elgg_echo('down'), + 'is_action' => true, + 'is_trusted' => true, )) . "
    • "; $bottom_url = elgg_http_add_url_query_elements($actions_base . 'set_priority', array( @@ -81,7 +84,8 @@ if ($reordering) { $links .= "
  • " . elgg_view('output/url', array( 'href' => $bottom_url, 'text' => elgg_echo('bottom'), - 'is_action' => true + 'is_action' => true, + 'is_trusted' => true, )) . "
    • "; } } else { @@ -93,7 +97,8 @@ if ($reordering) { // always let them deactivate $options = array( - 'is_action' => true + 'is_action' => true, + 'is_trusted' => true, ); if ($active) { $active_class = 'elgg-state-active'; @@ -163,7 +168,8 @@ $author = '' . elgg_echo('admin:plugins:label:author') . ': ' $version = htmlspecialchars($plugin->getManifest()->getVersion()); $website = elgg_view('output/url', array( 'href' => $plugin->getManifest()->getWebsite(), - 'text' => $plugin->getManifest()->getWebsite() + 'text' => $plugin->getManifest()->getWebsite(), + 'is_trusted' => true, )); $copyright = elgg_view('output/text', array('value' => $plugin->getManifest()->getCopyright())); @@ -179,7 +185,8 @@ if ($files) { $url = 'admin_plugin_text_file/' . $plugin->getID() . "/$file"; $link = elgg_view('output/url', array( 'text' => $file, - 'href' => $url + 'href' => $url, + 'is_trusted' => true, )); $docs .= "
  • $link
    • "; diff --git a/views/default/object/plugin/simple.php b/views/default/object/plugin/simple.php index f4cc944f4..4d392e71a 100644 --- a/views/default/object/plugin/simple.php +++ b/views/default/object/plugin/simple.php @@ -49,7 +49,8 @@ foreach ($files as $file => $path) { $url = 'admin_plugin_text_file/' . $plugin->getID() . "/$file"; $link = elgg_view('output/url', array( 'text' => $file, - 'href' => $url + 'href' => $url, + 'is_trusted' => true, )); $plugin_footer .= "
  • $link
    • "; -- cgit v1.2.3