Version:
Acquia Site Studio Documentation

Why is HTML being escaped when using Drupal tokens?

HTML is escaped when using Drupal tokens in Site studio as a security measure, this follows Drupal core.

If HTML is input into something like a node title field and then a token such as [node:title] is used within a Site studio component the HTML inside the field will be escaped and render as a string. This follows Drupal core.

If you require the HTML to not be escaped for specific tokens you can use the below hook_tokens_alter() in your custom code:

This example alters the menu link title value token to allow HTML.

/**
 * Implements hook_tokens_alter().
 **/
function cohesion_tokens_alter(array &$replacements, array $context,\Drupal\Core\Render\BubbleableMetadata $bubbleable_metadata) {
  if(isset($replacements['[menu_link_content:title:value]'])) {
    $replacements['[menu_link_content:title:value]'] = \Drupal\Core\Render\Markup::create(Drupal\Component\Utility\Html::decodeEntities($replacements['[menu_link_content:title:value]']));
  }
}

 

DX8 knowledge base icon

Frequently asked questions

Get instant answers to common questions. Available online 24/7.

Find answers

Raise a ticket icon

Raise a support ticket

To raise a ticket, sign into Acquia Cloud and select Help in the top menu.

Raise support ticket

Acquia

Copyright © 2020 Acquia, Inc. All Rights Reserved. Drupal is a registered trademark of Dries Buytaert.

Social