Merge branch 'develop' into 1.9

# Conflicts:
#	languages/en.yaml

blueprints/admin/pages/raw.yaml

@@ -18,6 +18,9 @@ form:
           title: PLUGIN_ADMIN.CONTENT
 
           fields:
+            xss_check:
+              type: xss
+              
             frontmatter:
               classes: frontmatter
               type: editor

classes/admincontroller.php

@@ -661,10 +661,7 @@ class AdminController extends AdminBaseController
                 $check_what = ['header' => $data['header'], 'content' => $data['content']];
                 $results = Security::detectXssFromArray($check_what);
                 if (!empty($results)) {
-                    $results_parts = array_map(function($value, $key) {
-                        return $key.': \''.$value . '\'';
-                    }, array_values($results), array_keys($results));
-                    $this->admin->setMessage('<i class="fa fa-ban"></i> ' . sprintf($this->admin->translate('PLUGIN_ADMIN.XSS_ISSUE'), implode(', ', $results_parts)),
+                    $this->admin->setMessage('<i class="fa fa-ban"></i> ' . $this->admin->translate('PLUGIN_ADMIN.XSS_ONSAVE_ISSUE'),
                         'error');
                     return false;
                 }

themes/grav/templates/forms/fields/xss/xss.html.twig

@@ -0,0 +1,6 @@
+{% set xss_header = data.value('header')|array %}
+{% set xss_content = data.value('content') %}
+{% set xss_status = xss({header: xss_header, content: xss_content}) %}
+{% if xss_status is not empty %}
+    <div class="notice alert">{{ "PLUGIN_ADMIN.XSS_ISSUE"|tu([xss_status])|raw }}</div>
+{% endif %}