Fix various encoding issues (#477)
* fix html-entity issue in username * remove kses let other platforms decide what to allow and what not * Remove html_entity_decode to prevent encoding issues (#454) I've tested this on content which includes MarkDown, HTML, encoded entities, unencoded entities, etc. Fixes #445 Co-authored-by: Matthias Pfefferle <pfefferle@users.noreply.github.com> * remove allowed tags --------- Co-authored-by: Terence Eden <edent@users.noreply.github.com>
This commit is contained in:
Matthias Pfefferle
GitHub
parent
46b1b4797a
commit
336f3e5a62
2 changed files with 7 additions and 55 deletions
|
|
@ -67,7 +67,13 @@ class Blog_User extends User {
|
||||||
* @return string The User-Name.
|
* @return string The User-Name.
|
||||||
*/
|
*/
|
||||||
public function get_name() {
|
public function get_name() {
|
||||||
return \esc_html( \get_bloginfo( 'name' ) );
|
return \wp_strip_all_tags(
|
||||||
|
\html_entity_decode(
|
||||||
|
\get_bloginfo( 'name' ),
|
||||||
|
\ENT_QUOTES,
|
||||||
|
'UTF-8'
|
||||||
|
)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -30,58 +30,6 @@ class Post {
|
||||||
*/
|
*/
|
||||||
protected $wp_post;
|
protected $wp_post;
|
||||||
|
|
||||||
/**
|
|
||||||
* The Allowed Tags, used in the content.
|
|
||||||
*
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
protected $allowed_tags = array(
|
|
||||||
'a' => array(
|
|
||||||
'href' => array(),
|
|
||||||
'title' => array(),
|
|
||||||
'class' => array(),
|
|
||||||
'rel' => array(),
|
|
||||||
),
|
|
||||||
'br' => array(),
|
|
||||||
'p' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'span' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'div' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'ul' => array(),
|
|
||||||
'ol' => array(
|
|
||||||
'reversed' => array(),
|
|
||||||
'start' => array(),
|
|
||||||
),
|
|
||||||
'li' => array(
|
|
||||||
'value' => array(),
|
|
||||||
),
|
|
||||||
'strong' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'b' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'i' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'em' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'blockquote' => array(),
|
|
||||||
'cite' => array(),
|
|
||||||
'code' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
'pre' => array(
|
|
||||||
'class' => array(),
|
|
||||||
),
|
|
||||||
);
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Static function to Transform a WP_Post Object.
|
* Static function to Transform a WP_Post Object.
|
||||||
*
|
*
|
||||||
|
|
@ -513,13 +461,11 @@ class Post {
|
||||||
$content = do_shortcode( $content );
|
$content = do_shortcode( $content );
|
||||||
wp_reset_postdata();
|
wp_reset_postdata();
|
||||||
|
|
||||||
$content = \wp_kses( $content, $this->allowed_tags );
|
|
||||||
$content = \wpautop( $content );
|
$content = \wpautop( $content );
|
||||||
$content = \preg_replace( '/[\n\r\t]/', '', $content );
|
$content = \preg_replace( '/[\n\r\t]/', '', $content );
|
||||||
$content = \trim( $content );
|
$content = \trim( $content );
|
||||||
|
|
||||||
$content = \apply_filters( 'activitypub_the_content', $content, $post );
|
$content = \apply_filters( 'activitypub_the_content', $content, $post );
|
||||||
$content = \html_entity_decode( $content, \ENT_QUOTES, 'UTF-8' );
|
|
||||||
|
|
||||||
return $content;
|
return $content;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue