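--- a/src/wp-admin/js/press-this.js
+++ b/src/wp-admin/js/press-this.js
@@ -8,7 +8,6 @@
 $window = $( window ),
 $document = $( document ),
 saveAlert = false,
-textarea = document.createElement( 'textarea' ),
 sidebarIsOpen = false,
 settings = window.wpPressThisConfig || {},
 data = window.wpPressThisData || {},
@@ -56,38 +55,6 @@
 }
 
 /**
-* Strips HTML tags
-*
-* @param string string Text to have the HTML tags striped out of.
-* @returns string Stripped text.
-*/
-function stripTags( string ) {
-string = string || '';
-
-return string
-.replace( /<!--[\s\S]*?(-->|$)/g, '' )
-.replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )
-.replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );
-}
-
-/**
-* Strip HTML tags and convert HTML entities.
-*
-* @param text string Text.
-* @returns string Sanitized text.
-*/
-function sanitizeText( text ) {
-var _text = stripTags( text );
-
-try {
-textarea.innerHTML = _text;
-_text = stripTags( textarea.value );
-} catch ( er ) {}
-
-return _text;
-}
-
-/**
 * Allow only HTTP or protocol relative URLs.
 *
 * @param url string The URL.
@@ -97,7 +64,7 @@
 url = $.trim( url || '' );
 
 if ( /^(?:https?:)?\/\//.test( url ) ) {
-url = stripTags( url );
+url = wp.utils.stripTags( url );
 return url.replace( /["\\]+/g, '' );
 }
 
@@ -224,7 +191,7 @@
 $image.replaceWith( $( '<span>' ).text( $image.attr( 'alt' ) ) );
 });
 
-return sanitizeText( $element.text() );
+return wp.utils.sanitizeText( $element.text() );
 }
 
 /**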
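--- a/src/wp-includes/js/utils.js
+++ b/src/wp-includes/js/utils.js
@@ -195,3 +195,40 @@ function getAllUserSettings() {
 
 return wpCookies.getHash( 'wp-settings-' + userSettings.uid ) || {};
 }
+
+window.wp = window.wp || {};
+wp.utils = {
+
+/**
+* Strip HTML tags.
+*
+* @param string string Text to have the HTML tags striped out of.
+* @return Stripped text.
+*/
+stripTags: function( string ) {
+string = string || '';
+
+return string
+.replace( /<!--[\s\S]*?(-->|$)/g, '' )
+.replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )
+.replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );
+},
+
+/**
+* Strip HTML tags and convert HTML entities.
+*
+* @param text string Text.
+* @return Sanitized text.
+*/
+sanitizeText: function( text ) {
+var _text = wp.utils.stripTags( text ),
+textarea = document.createElement( 'textarea' );
+
+try {
+textarea.innerHTML = _text;
+_text = wp.utils.stripTags( textarea.value );
+} catch ( er ) {}
+
+return _text;
+}
+};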
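Review bot: `wp.utils.sanitizeText` is now a shared helper, but its docblock (new lines 217–222) does not say that the return value is plain text rather than markup that is safe to insert as HTML. The second `stripTags` pass runs on entity-decoded text and the tag regex only matches `<` followed by a letter, so other `<` characters survive; I would add `* The result is plain text: escape it before inserting it into HTML.` to the docblock so new callers write it with `.text()` or `.val()`. The empty `catch ( er ) {}` also hides a failed decode, in which case the once-stripped, still entity-encoded string is returned; a one-line comment such as `// Fall back to the tag-stripped text if decoding fails.` would make that intent explicit. Separately, `wp.utils = {` replaces any object another script has already stored there, unlike the guarded `window.wp = window.wp || {};` on the line above it.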
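--- a/src/wp-includes/script-loader.php
+++ b/src/wp-includes/script-loader.php
@@ -576,7 +576,7 @@ function wp_default_scripts( &$scripts ) {
 'permalinkSaved' => __( 'Permalink saved' ),
 ) );
 
-$scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box' ), false, 1 );
+$scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box', 'utils' ), false, 1 );
 did_action( 'init' ) && $scripts->localize( 'press-this', 'pressThisL10n', array(
 'newPost' => __( 'Title' ),
 'serverError' => __( 'Connection lost or the server is busy. Please try again later.' ),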