1 common.inc check_url($uri)

Strips dangerous protocols from a URI and encodes it for output to HTML.


$uri: A plain-text URI that might contain dangerous protocols.

Return value

A URI stripped of dangerous protocols and encoded for output to an HTML: attribute value. Because it is already encoded, it should not be set as a value within a $attributes array passed to backdrop_attributes(), because backdrop_attributes() expects those values to be plain-text strings. To pass a filtered URI to backdrop_attributes(), call backdrop_strip_dangerous_protocols() instead.

See also


Related topics


core/includes/common.inc, line 1820
Common functions that many Backdrop modules will need to reference.


function check_url($uri) {
  return check_plain(backdrop_strip_dangerous_protocols($uri));