Category
Drupal Version
Here's how to whitelist HTML tags in your module output that are normally stripped out by the XSS filter:
$tagList = array('input'); return array( '#markup' => $buffer, '#allowed_tags' => array_merge(\Drupal\Component\Utility\Xss::getAdminTagList(), $tagList), );
And here's how to allow data URLs in your module output for displaying images with data that you've already pulled in from a data source (code updated 2017-12-11 to a better format that avoids whitescreening in certain use cases):
$allowedProtocols = \Drupal\Component\Utility\URLHelper::getAllowedProtocols(); $allowedProtocols[] = 'data'; \Drupal\Component\Utility\URLHelper::setAllowedProtocols($allowedProtocols);