Ticket #40635: 40635.2.diff

src/wp-admin/js/press-this.js

@@ -8 +8 @@
                         $window               = $( window ),
                         $document             = $( document ),
                         saveAlert             = false,
-                        textarea              = document.createElement( 'textarea' ),
                         sidebarIsOpen         = false,
                         settings              = window.wpPressThisConfig || {},
                         data                  = window.wpPressThisData || {},
@@ -56 +55 @@
                 }
 
                 /**
-                 * Strips HTML tags
-                 *
-                 * @param string string Text to have the HTML tags striped out of.
-                 * @returns string Stripped text.
-                 */
-                function stripTags( string ) {
-                        string = string || '';
-
-                        return string
-                                .replace( /<!--[\s\S]*?(-->|$)/g, '' )
-                                .replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )
-                                .replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );
-                }
-
-                /**
-                 * Strip HTML tags and convert HTML entities.
-                 *
-                 * @param text string Text.
-                 * @returns string Sanitized text.
-                 */
-                function sanitizeText( text ) {
-                        var _text = stripTags( text );
-
-                        try {
-                                textarea.innerHTML = _text;
-                                _text = stripTags( textarea.value );
-                        } catch ( er ) {}
-
-                        return _text;
-                }
-
-                /**
                  * Allow only HTTP or protocol relative URLs.
                  *
                  * @param url string The URL.
@@ -97 +64 @@
                         url = $.trim( url || '' );
 
                         if ( /^(?:https?:)?\/\//.test( url ) ) {
-                                url = stripTags( url );
+                                url = wp.sanitize.stripTags( url );
                                 return url.replace( /["\\]+/g, '' );
                         }
 
@@ -224 +191 @@
                                 $image.replaceWith( $( '<span>' ).text( $image.attr( 'alt' ) ) );
                         });
 
-                        return sanitizeText( $element.text() );
+                        return wp.sanitize.sanitizeText( $element.text() );
                 }
 
                 /**

src/wp-includes/js/utils.js

@@ -195 +195 @@
 
         return wpCookies.getHash( 'wp-settings-' + userSettings.uid ) || {};
 }
+

new file src/wp-includes/js/wp-sanitize.js

@@ +1 @@
+window.wp = window.wp || {};
+
+( function ( $ ) {
+
+        wp.sanitize = {
+
+                        /**
+                         * Strip HTML tags.
+                         *
+                         * @param string string Text to have the HTML tags striped out of.
+                         * @return Stripped text.
+                         */
+                        stripTags: function( string ) {
+                                string = string || '';
+
+                                return string
+                                        .replace( /<!--[\s\S]*?(-->|$)/g, '' )
+                                        .replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )
+                                        .replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );
+                        },
+
+                        /**
+                         * Strip HTML tags and convert HTML entities.
+                         *
+                         * @param text string Text.
+                         * @return Sanitized text.
+                         */
+                        sanitizeText: function( text ) {
+                                var _text = wp.utils.stripTags( text ),
+                                        textarea = document.createElement( 'textarea' );
+
+                                try {
+                                        textarea.innerHTML = _text;
+                                        _text = wp.utils.stripTags( textarea.value );
+                                } catch ( er ) {}
+
+                                return _text;
+                        }
+        };
+
+}( jQuery ) );

src/wp-includes/script-loader.php

@@ -338 +338 @@
                 ),
         ) );
 
+        $scripts->add( 'wp-sanitize', "/wp-includes/js/wp-sanitize$suffix.js", array('jquery'), false, 1 );
+
         $scripts->add( 'wp-backbone', "/wp-includes/js/wp-backbone$suffix.js", array('backbone', 'wp-util'), false, 1 );
 
         $scripts->add( 'revisions', "/wp-admin/js/revisions$suffix.js", array( 'wp-backbone', 'jquery-ui-slider', 'hoverIntent' ), false, 1 );
@@ -576 +578 @@
                         'permalinkSaved' => __( 'Permalink saved' ),
                 ) );
 
-                $scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box' ), false, 1 );
+                $scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box', 'wp-sanitize' ), false, 1 );
                 did_action( 'init' ) && $scripts->localize( 'press-this', 'pressThisL10n', array(
                         'newPost' => __( 'Title' ),
                         'serverError' => __( 'Connection lost or the server is busy. Please try again later.' ),