function TwigSandboxPolicy::__construct

Same name in other branches
  1. 9 core/lib/Drupal/Core/Template/TwigSandboxPolicy.php \Drupal\Core\Template\TwigSandboxPolicy::__construct()
  2. 8.9.x core/lib/Drupal/Core/Template/TwigSandboxPolicy.php \Drupal\Core\Template\TwigSandboxPolicy::__construct()
  3. 10 core/lib/Drupal/Core/Template/TwigSandboxPolicy.php \Drupal\Core\Template\TwigSandboxPolicy::__construct()

Constructs a new TwigSandboxPolicy object.

File

core/lib/Drupal/Core/Template/TwigSandboxPolicy.php, line 49

Class

TwigSandboxPolicy
Default sandbox policy for Twig templates.

Namespace

Drupal\Core\Template

Code

public function __construct() {
    // Allow settings.php to override our default allowed classes, methods, and
    // prefixes.
    $allowed_classes = Settings::get('twig_sandbox_allowed_classes', [
        // Allow any operations on the Attribute object as it is intended to be
        // changed from a Twig template, for example calling addClass().
'Drupal\\Core\\Template\\Attribute',
    ]);
    // Flip the array so we can check using isset().
    $this->allowed_classes = array_flip($allowed_classes);
    $allowed_methods = Settings::get('twig_sandbox_allowed_methods', [
        // Only allow idempotent methods.
'id',
        'label',
        'bundle',
        'get',
        '__toString',
        'toString',
    ]);
    // Flip the array so we can check using isset().
    $this->allowed_methods = array_flip($allowed_methods);
    $this->allowed_prefixes = Settings::get('twig_sandbox_allowed_prefixes', [
        'get',
        'has',
        'is',
    ]);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.