Move `sanitizeText` and `stripTags` from press this to `wp.sanitize`.

Introduce the `wp.sanitize` namespace and add two helpers for text sanitization. `stripTags` strips HTML tags from a string using regex. Fixes #40635. Built from https://develop.svn.wordpress.org/trunk@41061 git-svn-id: http://core.svn.wordpress.org/trunk@40911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-15 15:48:46 +00:00 · 2017-07-15 15:48:46 +00:00 · 499e2a0ff9
parent 6625f0c551
commit 499e2a0ff9
7 changed files with 56 additions and 38 deletions
--- a/wp-admin/js/press-this.js
+++ b/wp-admin/js/press-this.js
@ -8,7 +8,6 @@
 			$window               = $( window ),
 			$document             = $( document ),
 			saveAlert             = false,
-			textarea              = document.createElement( 'textarea' ),
 			sidebarIsOpen         = false,
 			settings              = window.wpPressThisConfig || {},
 			data                  = window.wpPressThisData || {},
@ -55,38 +54,6 @@
 			return key || '';
 		}

-		/**
-		 * Strips HTML tags
-		 *
-		 * @param string string Text to have the HTML tags striped out of.
-		 * @returns string Stripped text.
-		 */
-		function stripTags( string ) {
-			string = string || '';
-
-			return string
-				.replace( /<!--[\s\S]*?(-->|$)/g, '' )
-				.replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )
-				.replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );
-		}
-
-		/**
-		 * Strip HTML tags and convert HTML entities.
-		 *
-		 * @param text string Text.
-		 * @returns string Sanitized text.
-		 */
-		function sanitizeText( text ) {
-			var _text = stripTags( text );
-
-			try {
-				textarea.innerHTML = _text;
-				_text = stripTags( textarea.value );
-			} catch ( er ) {}
-
-			return _text;
-		}
-
 		/**
 		 * Allow only HTTP or protocol relative URLs.
 		 *
@ -97,7 +64,7 @@
 			url = $.trim( url || '' );

 			if ( /^(?:https?:)?\/\//.test( url ) ) {
-				url = stripTags( url );
+				url = wp.sanitize.stripTags( url );
 				return url.replace( /["\\]+/g, '' );
 			}

@ -224,7 +191,7 @@
 				$image.replaceWith( $( '<span>' ).text( $image.attr( 'alt' ) ) );
 			});

-			return sanitizeText( $element.text() );
+			return wp.sanitize.sanitizeText( $element.text() );
 		}

 		/**
--- a/wp-admin/js/press-this.min.js
+++ b/wp-admin/js/press-this.min.js
--- a/wp-includes/js/utils.js
+++ b/wp-includes/js/utils.js
@ -195,3 +195,4 @@ function getAllUserSettings() {

 	return wpCookies.getHash( 'wp-settings-' + userSettings.uid ) || {};
 }
+
--- a/wp-includes/js/wp-sanitize.js
+++ b/wp-includes/js/wp-sanitize.js
@ -0,0 +1,47 @@
+( function () {
+
+	window.wp = window.wp || {};
+
+	/**
+	 * wp.sanitize
+	 *
+	 * Helper functions to sanitize strings.
+	 */
+	wp.sanitize = {
+
+		/**
+		 * Strip HTML tags.
+		 *
+		 * @param {string} text Text to have the HTML tags striped out of.
+		 *
+		 * @return  Stripped text.
+		 */
+		stripTags: function( text ) {
+			text = text || '';
+
+			return text
+				.replace( /<!--[\s\S]*?(-->|$)/g, '' )
+				.replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )
+				.replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );
+		},
+
+		/**
+		 * Strip HTML tags and convert HTML entities.
+		 *
+		 * @param {string} text Text to strip tags and convert HTML entities.
+		 *
+		 * @return Sanitized text. False on failure.
+		 */
+		sanitizeText: function( text ) {
+			var _text = wp.utils.stripTags( text ),
+				textarea = document.createElement( 'textarea' );
+
+			try {
+				textarea.innerHTML = _text;
+				_text = wp.utils.stripTags( textarea.value );
+			} catch ( er ) {}
+
+			return _text;
+		}
+	};
+}() );
--- a/wp-includes/js/wp-sanitize.min.js
+++ b/wp-includes/js/wp-sanitize.min.js
@ -0,0 +1 @@
+!function(){window.wp=window.wp||{},wp.sanitize={stripTags:function(a){return a=a||"",a.replace(/<!--[\s\S]*?(-->|$)/g,"").replace(/<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/gi,"").replace(/<\/?[a-z][\s\S]*?(>|$)/gi,"")},sanitizeText:function(a){var b=wp.utils.stripTags(a),c=document.createElement("textarea");try{c.innerHTML=b,b=wp.utils.stripTags(c.value)}catch(d){}return b}}}();
--- a/wp-includes/script-loader.php
+++ b/wp-includes/script-loader.php
@ -338,6 +338,8 @@ function wp_default_scripts( &$scripts ) {
 		),
 	) );

+	$scripts->add( 'wp-sanitize', "/wp-includes/js/wp-sanitize$suffix.js", array('jquery'), false, 1 );
+
 	$scripts->add( 'wp-backbone', "/wp-includes/js/wp-backbone$suffix.js", array('backbone', 'wp-util'), false, 1 );

 	$scripts->add( 'revisions', "/wp-admin/js/revisions$suffix.js", array( 'wp-backbone', 'jquery-ui-slider', 'hoverIntent' ), false, 1 );
@ -576,7 +578,7 @@ function wp_default_scripts( &$scripts ) {
 			'permalinkSaved' => __( 'Permalink saved' ),
 		) );

-		$scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box' ), false, 1 );
+		$scripts->add( 'press-this', "/wp-admin/js/press-this$suffix.js", array( 'jquery', 'tags-box', 'wp-sanitize' ), false, 1 );
 		did_action( 'init' ) && $scripts->localize( 'press-this', 'pressThisL10n', array(
 			'newPost' => __( 'Title' ),
 			'serverError' => __( 'Connection lost or the server is busy. Please try again later.' ),
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.9-alpha-41060';
+$wp_version = '4.9-alpha-41061';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
				`@ -0,0 +1 @@`
				`!function(){window.wp=window.wp\|\|{},wp.sanitize={stripTags:function(a){return a=a\|\|"",a.replace(/<!--[\s\S]?(-->\|$)/g,"").replace(/<(script\|style)[^>]>[\s\S]?(<\/\1>\|$)/gi,"").replace(/<\/?[a-z][\s\S]?(>\|$)/gi,"")},sanitizeText:function(a){var b=wp.utils.stripTags(a),c=document.createElement("textarea");try{c.innerHTML=b,b=wp.utils.stripTags(c.value)}catch(d){}return b}}}();`