function LinkWidget::validateUriElement
Form element validation handler for the 'uri' element.
Disallows saving inaccessible or untrusted URLs.
File
-
core/
modules/ link/ src/ Plugin/ Field/ FieldWidget/ LinkWidget.php, line 140
Class
- LinkWidget
- Plugin implementation of the 'link' widget.
Namespace
Drupal\link\Plugin\Field\FieldWidgetCode
public static function validateUriElement($element, FormStateInterface $form_state, $form) {
$uri = static::getUserEnteredStringAsUri($element['#value']);
$form_state->setValueForElement($element, $uri);
// If getUserEnteredStringAsUri() mapped the entered value to an 'internal:'
// URI , ensure the raw value begins with '/', '?' or '#'.
// @todo '<front>' is valid input for BC reasons, may be removed by
// https://www.drupal.org/node/2421941
if (parse_url($uri, PHP_URL_SCHEME) === 'internal' && !in_array($element['#value'][0], [
'/',
'?',
'#',
], TRUE) && !str_starts_with($element['#value'], '<front>')) {
$form_state->setError($element, new TranslatableMarkup('Manually entered paths should start with one of the following characters: / ? #'));
return;
}
}