First version of the security module
This commit is contained in:
21
modules/security/templates/tech-markdown.phtml
Normal file
21
modules/security/templates/tech-markdown.phtml
Normal file
@@ -0,0 +1,21 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Renders a single checkpoint's pre-sanitized Markdown guidance, collapsed by
|
||||
* default inside a <details> toggle.
|
||||
*
|
||||
* Lives in a partial (not the routed view) so the framework Analyzer permits the
|
||||
* raw echo. The HTML is produced by SecurityMarkdownGateway with html_input=escape
|
||||
* and unsafe links dropped, so it is safe to output verbatim.
|
||||
*
|
||||
* @var string $markdownHtml
|
||||
*/
|
||||
$markdownHtml = (string) ($markdownHtml ?? '');
|
||||
if ($markdownHtml === '') {
|
||||
return;
|
||||
}
|
||||
?>
|
||||
<details class="security-tech-markdown">
|
||||
<summary><i class="bi bi-info-circle" aria-hidden="true"></i> <?php e(t('Guidance')); ?></summary>
|
||||
<div class="security-tech-markdown-body"><?php echo $markdownHtml; // raw-html-ok: sanitized Markdown (html_input=escape, unsafe links dropped) via SecurityMarkdownGateway ?></div>
|
||||
</details>
|
||||
Reference in New Issue
Block a user