TSP Posted October 21, 2019 Posted October 21, 2019 In: public function parse( $value ) { /* CKEditor sometimes includes these for markers. HTMLPurifier will remove the style attribute so we need to strip them first */ $value = str_replace( '<span style="display: none;"> </span>', '', $value ); /* Clean HTML */ if ( $value and $this->htmlPurifier ) { $value = $this->htmlPurifier->purify( $value ); } /* BBCode, Profanity, etc. */ if ( $value ) { $value = $this->_parseContent( $value ); } /* Clean HTML */ if ( $value and $this->htmlPurifier ) { $value = $this->htmlPurifier->purify( $value ); } What's the reasoning by running it twice through the purifier? Wouldn't it be enough to just do it once? Either before or after _parseContent. I'm also wondering how "safe" you would consider it to be to comment out the second purifyer step to speed up the post conversion task running after an upgrade from 3.4.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.