Follow-up to #1825952: Turn on twig autoescape by default
Problem/Motivation
SafeMarkup::set() is mostly for internal use only. For the most part, existing APIs like t(), String::checkPlain(), XSS::filter(), drupal_render(), etc. should be marking the things they sanitize, and markup in general should be moved into templates wherever possible so the themer has control of it.
#2280965: [meta] Document or remove every SafeMarkup::set() call is postponed on this issue's progress.
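An added example (not from this issue or from Drupal core) of why the sanitizing APIs should do the marking themselves: a simplified safe-string registry with an autoescaping print step. SafeRegistry, check_plain() and autoescape() are hypothetical names, and the per-string registry is an assumption of this model.

```php
<?php
// Simplified model, not Drupal's code: SafeRegistry, check_plain() and
// autoescape() are hypothetical stand-ins for the pattern described above.
final class SafeRegistry {
  private static array $safe = [];

  // Meant for sanitizers only: records that this exact string is safe HTML.
  public static function mark(string $s): string {
    self::$safe[$s] = true;
    return $s;
  }

  public static function isSafe(string $s): bool {
    return isset(self::$safe[$s]);
  }
}

// A sanitizer escapes first, then marks its own output.
function check_plain(string $text): string {
  return SafeRegistry::mark(htmlspecialchars($text, ENT_QUOTES, 'UTF-8'));
}

// What an autoescaping template layer does when printing a variable.
function autoescape(string $value): string {
  return SafeRegistry::isSafe($value)
    ? $value
    : htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

$input = '<script>alert(1)</script>';  // constructed untrusted input

// 1. Unmarked input is escaped at print time.
echo autoescape($input), PHP_EOL;

// 2. Sanitizer output is already marked, so it is not escaped twice.
echo autoescape(check_plain($input)), PHP_EOL;

// 3. Markup built in PHP around a safe string is a new, unmarked string and
//    gets double-escaped: the reason to move markup into the template.
echo autoescape('<strong>' . check_plain($input) . '</strong>'), PHP_EOL;

// 4. The risk of ad hoc marking: a mark() call on a string that was never
//    sanitized goes out unescaped.
echo autoescape(SafeRegistry::mark('<strong>' . $input . '</strong>')), PHP_EOL;
```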
Proposed resolution
Remove as many SafeMarkup::set() calls from core as possible.
Remaining tasks
TBD
Task | Novice task? | Contributor instructions | Complete? |
---|---|---|---|
When this is fixed, unpostpone #2280965: [meta] Document or remove every SafeMarkup::set() call | | | |