mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-22 17:18:32 +01:00
ed37f855ce
The most notable change in this update is that all code is now namespaced and uses PSR-4 classes, though there is a compatibility layer available for extenders using the older class names, so plugin or theme authors directly using SimplePie can decide for themselves when they want to change to using the namespaced names for SimplePie classes. Note: This commit includes additional fixes for PHP 8.4 compatibility ([https://github.com/simplepie/simplepie/pull/875 PR 875], [https://github.com/simplepie/simplepie/pull/888 PR 888]) from the `one-dot-eight` branch of SimplePie, which is expected to be [https://github.com/simplepie/simplepie/pull/886 released as SimplePie 1.8.1] soon. References: * [https://github.com/simplepie/simplepie/releases/tag/1.8.0 SimplePie 1.8.0 release notes] * [https://github.com/simplepie/simplepie/releases/tag/1.7.0 SimplePie 1.7.0 release notes] * [https://github.com/simplepie/simplepie/releases/tag/1.6.0 SimplePie 1.6.0 release notes] * [https://github.com/simplepie/simplepie/compare/1.5.8...1.8.0 Full list of changes in SimplePie 1.8.0] Follow-up to [47733], [49176], [52393], [52413]. Props jrf, peterwilsoncc, chaion07, cu121, markparnell, audrasjb, costdev, Presskopp, desrosj, faisal03, mukesh27, SergeyBiryukov. See #55604. Built from https://develop.svn.wordpress.org/trunk@59141 git-svn-id: http://core.svn.wordpress.org/trunk@58537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
57 lines
1.8 KiB
PHP
57 lines
1.8 KiB
PHP
<?php
|
|
/**
|
|
* Feed API: WP_SimplePie_Sanitize_KSES class
|
|
*
|
|
* @package WordPress
|
|
* @subpackage Feed
|
|
* @since 4.7.0
|
|
*/
|
|
|
|
/**
|
|
* Core class used to implement SimplePie feed sanitization.
|
|
*
|
|
* Extends the SimplePie\Sanitize class to use KSES, because
|
|
* we cannot universally count on DOMDocument being available.
|
|
*
|
|
* @since 3.5.0
|
|
*/
|
|
#[AllowDynamicProperties]
|
|
class WP_SimplePie_Sanitize_KSES extends SimplePie\Sanitize {
|
|
|
|
/**
|
|
* WordPress SimplePie sanitization using KSES.
|
|
*
|
|
* Sanitizes the incoming data, to ensure that it matches the type of data expected, using KSES.
|
|
*
|
|
* @since 3.5.0
|
|
*
|
|
* @param mixed $data The data that needs to be sanitized.
|
|
* @param int $type The type of data that it's supposed to be.
|
|
* @param string $base Optional. The `xml:base` value to use when converting relative
|
|
* URLs to absolute ones. Default empty.
|
|
* @return mixed Sanitized data.
|
|
*/
|
|
public function sanitize( $data, $type, $base = '' ) {
|
|
$data = trim( $data );
|
|
if ( $type & SimplePie\SimplePie::CONSTRUCT_MAYBE_HTML ) {
|
|
if ( preg_match( '/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data ) ) {
|
|
$type |= SimplePie\SimplePie::CONSTRUCT_HTML;
|
|
} else {
|
|
$type |= SimplePie\SimplePie::CONSTRUCT_TEXT;
|
|
}
|
|
}
|
|
if ( $type & SimplePie\SimplePie::CONSTRUCT_BASE64 ) {
|
|
$data = base64_decode( $data );
|
|
}
|
|
if ( $type & ( SimplePie\SimplePie::CONSTRUCT_HTML | \SimplePie\SimplePie::CONSTRUCT_XHTML ) ) {
|
|
$data = wp_kses_post( $data );
|
|
if ( 'UTF-8' !== $this->output_encoding ) {
|
|
$data = $this->registry->call( 'Misc', 'change_encoding', array( $data, 'UTF-8', $this->output_encoding ) );
|
|
}
|
|
return $data;
|
|
} else {
|
|
return parent::sanitize( $data, $type, $base );
|
|
}
|
|
}
|
|
}
|