WordPress.org

Make WordPress Core

Changeset 15559


Ignore:
Timestamp:
09/02/10 15:06:07 (7 years ago)
Author:
ryan
Message:

Do not run kses on display filters for front page views. see #14758

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/default-filters.php

    r15377 r15559  
    2222// Strip, kses, special chars for string display 
    2323foreach ( array( 'term_name', 'comment_author_name', 'link_name', 'link_target', 'link_rel', 'user_display_name', 'user_first_name', 'user_last_name', 'user_nickname' ) as $filter ) { 
    24     add_filter( $filter, 'sanitize_text_field'  ); 
    25     add_filter( $filter, 'wp_kses_data'       ); 
     24    if ( is_admin() ) { 
     25        // These are expensive. Run only on admin pages for defense in depth. 
     26        add_filter( $filter, 'sanitize_text_field'  ); 
     27        add_filter( $filter, 'wp_kses_data'       ); 
     28    } 
    2629    add_filter( $filter, '_wp_specialchars', 30 ); 
    2730} 
     
    3235} 
    3336 
    34 // Kses only for textarea saves displays 
    35 foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) { 
    36     add_filter( $filter, 'wp_kses_data' ); 
     37// Kses only for textarea admin displays 
     38if ( is_admin() ) { 
     39    foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) { 
     40        add_filter( $filter, 'wp_kses_data' ); 
     41    } 
    3742} 
    3843 
     
    4449} 
    4550 
    46 // Email display 
     51// Email admin display 
    4752foreach ( array( 'comment_author_email', 'user_email' ) as $filter ) { 
    4853    add_filter( $filter, 'sanitize_email' ); 
    49     add_filter( $filter, 'wp_kses_data' ); 
     54    if ( is_admin() ) 
     55        add_filter( $filter, 'wp_kses_data' ); 
    5056} 
    5157 
     
    6066// Display URL 
    6167foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url' ) as $filter ) { 
    62     add_filter( $filter, 'wp_strip_all_tags' ); 
     68    if ( is_admin() ) 
     69        add_filter( $filter, 'wp_strip_all_tags' ); 
    6370    add_filter( $filter, 'esc_url'           ); 
    64     add_filter( $filter, 'wp_kses_data'    ); 
     71    if ( is_admin() ) 
     72        add_filter( $filter, 'wp_kses_data'    ); 
    6573} 
    6674 
Note: See TracChangeset for help on using the changeset viewer.