WordPress.org

Make WordPress Core

Opened 4 years ago

Closed 4 years ago

#34900 closed enhancement (fixed)

Improve unnecessary/false checks in sanitize_post_field()

Reported by: tfrommen Owned by: boonebgorges
Milestone: 4.6 Priority: normal
Severity: normal Version:
Component: Posts, Post Types Keywords:
Focuses: Cc:

Description

Don't check if we're in attribute or JavaScript context if we already know we're in edit or database context.

Attachments (2)

34900.patch (662 bytes) - added by tfrommen 4 years ago.
34900.2.patch (2.6 KB) - added by tfrommen 4 years ago.
Like 34900.patch, but with all the code formatting optimizations you might wish for. ;)

Download all attachments as: .zip

Change History (7)

@tfrommen
4 years ago

@tfrommen
4 years ago

Like 34900.patch, but with all the code formatting optimizations you might wish for. ;)

#1 @swissspidy
4 years ago

  • Keywords close added

As per https://make.wordpress.org/core/2011/03/23/code-refactoring/, code refactoring should not be done for the sake of refactoring.

The check as it currently is doesn't hurt anyone and works.

#2 @tfrommen
4 years ago

I assumed a reaction like yours, that's why I provided two patches: one just fixing what is done wrong (or at least suboptimal).

I didn't question that it works. I rather stated that it is working in a way that can (and should) be improved.

#3 @tfrommen
4 years ago

So, will this get closed now, or is there someone who thinks this might be something worth thinking about?

#4 @boonebgorges
4 years ago

  • Keywords close removed
  • Milestone changed from Awaiting Review to 4.6
  • Owner set to boonebgorges
  • Status changed from new to accepted

34900.2.patch does too much (not all of which is code formatting!) but 34900.patch seems close enough to a bug to warrant addressing.

#5 @boonebgorges
4 years ago

  • Resolution set to fixed
  • Status changed from accepted to closed

In 37220:

In sanitize_post_field(), only run 'attribute' or 'js' escaping when necessary.

Props tfrommen.
Fixes #34900.

Note: See TracTickets for help on using tickets.