Changeset 41061
- Timestamp:
- 07/15/2017 03:47:16 PM (7 years ago)
- Location:
- trunk/src
- Files:
-
- 1 added
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/js/press-this.js
r35567 r41061 9 9 $document = $( document ), 10 10 saveAlert = false, 11 textarea = document.createElement( 'textarea' ),12 11 sidebarIsOpen = false, 13 12 settings = window.wpPressThisConfig || {}, … … 57 56 58 57 /** 59 * Strips HTML tags60 *61 * @param string string Text to have the HTML tags striped out of.62 * @returns string Stripped text.63 */64 function stripTags( string ) {65 string = string || '';66 67 return string68 .replace( /<!--[\s\S]*?(-->|$)/g, '' )69 .replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )70 .replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );71 }72 73 /**74 * Strip HTML tags and convert HTML entities.75 *76 * @param text string Text.77 * @returns string Sanitized text.78 */79 function sanitizeText( text ) {80 var _text = stripTags( text );81 82 try {83 textarea.innerHTML = _text;84 _text = stripTags( textarea.value );85 } catch ( er ) {}86 87 return _text;88 }89 90 /**91 58 * Allow only HTTP or protocol relative URLs. 92 59 * … … 98 65 99 66 if ( /^(?:https?:)?\/\//.test( url ) ) { 100 url = stripTags( url );67 url = wp.sanitize.stripTags( url ); 101 68 return url.replace( /["\\]+/g, '' ); 102 69 } … … 225 192 }); 226 193 227 return sanitizeText( $element.text() );194 return wp.sanitize.sanitizeText( $element.text() ); 228 195 } 229 196 -
trunk/src/wp-includes/js/utils.js
r39051 r41061 196 196 return wpCookies.getHash( 'wp-settings-' + userSettings.uid ) || {}; 197 197 } 198 -
trunk/src/wp-includes/script-loader.php
r41050 r41061 339 339 ) ); 340 340 341 $scripts->add( 'wp-sanitize', "/wp-includes/js/wp-sanitize$suffix.js", array('jquery'), false, 1 ); 342 341 343 $scripts->add( 'wp-backbone', "/wp-includes/js/wp-backbone$suffix.js", array('backbone', 'wp-util'), false, 1 ); 342 344 … … 577 579 ) ); 578 580 579 $scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box' ), false, 1 );581 $scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box', 'wp-sanitize' ), false, 1 ); 580 582 did_action( 'init' ) && $scripts->localize( 'press-this', 'pressThisL10n', array( 581 583 'newPost' => __( 'Title' ),
Note: See TracChangeset
for help on using the changeset viewer.