TSP Posted October 21, 2019 Share Posted October 21, 2019 In: public function parse( $value ) { /* CKEditor sometimes includes these for markers. HTMLPurifier will remove the style attribute so we need to strip them first */ $value = str_replace( '<span style="display: none;"> </span>', '', $value ); /* Clean HTML */ if ( $value and $this->htmlPurifier ) { $value = $this->htmlPurifier->purify( $value ); } /* BBCode, Profanity, etc. */ if ( $value ) { $value = $this->_parseContent( $value ); } /* Clean HTML */ if ( $value and $this->htmlPurifier ) { $value = $this->htmlPurifier->purify( $value ); } What's the reasoning by running it twice through the purifier? Wouldn't it be enough to just do it once? Either before or after _parseContent. I'm also wondering how "safe" you would consider it to be to comment out the second purifyer step to speed up the post conversion task running after an upgrade from 3.4. Link to comment Share on other sites More sharing options...
newbie LAC Posted October 21, 2019 Share Posted October 21, 2019 Link to comment Share on other sites More sharing options...
All Astronauts Posted October 22, 2019 Share Posted October 22, 2019 ^ Hey - I know that quoted guy Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.