/**
*[_filter_xss_bad_protocol private method
* @param string $string string
* @param boolean $decode process entity decode on string
* @return string safe value
*/
private static function _filter_xss_bad_protocol($string, $decode = TRUE)
{
if ($decode) {
$string = process_entity_decode($string);
}
return process_plain(cs_form::_strip_dangerous_protocols($string));
}
