| author | ymh <ymh.work@gmail.com> |
| Fri, 05 Sep 2025 18:52:52 +0200 | |
| changeset 22 | 8c2e4d02f4ef |
| parent 21 | 48c4eec2b7e6 |
| permissions | -rw-r--r-- |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
1 |
<?php |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
2 |
/** |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
3 |
* Feed API: WP_SimplePie_Sanitize_KSES class |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
4 |
* |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
5 |
* @package WordPress |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
6 |
* @subpackage Feed |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
7 |
* @since 4.7.0 |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
8 |
*/ |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
9 |
|
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
10 |
// Don't load directly. |
|
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
11 |
if ( ! defined( 'ABSPATH' ) ) { |
|
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
12 |
die( '-1' ); |
|
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
13 |
} |
|
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
14 |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
15 |
/** |
| 19 | 16 |
* Core class used to implement SimplePie feed sanitization. |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
17 |
* |
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
18 |
* Extends the SimplePie\Sanitize class to use KSES, because |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
19 |
* we cannot universally count on DOMDocument being available. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
20 |
* |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
21 |
* @since 3.5.0 |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
22 |
*/ |
|
21
48c4eec2b7e6
Add CLAUDE.md documentation and sync WordPress core files
ymh <ymh.work@gmail.com>
parents:
19
diff
changeset
|
23 |
#[AllowDynamicProperties] |
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
24 |
class WP_SimplePie_Sanitize_KSES extends SimplePie\Sanitize { |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
25 |
|
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
26 |
/** |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
27 |
* WordPress SimplePie sanitization using KSES. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
28 |
* |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
29 |
* Sanitizes the incoming data, to ensure that it matches the type of data expected, using KSES. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
30 |
* |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
31 |
* @since 3.5.0 |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
32 |
* |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
33 |
* @param mixed $data The data that needs to be sanitized. |
| 18 | 34 |
* @param int $type The type of data that it's supposed to be. |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
35 |
* @param string $base Optional. The `xml:base` value to use when converting relative |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
36 |
* URLs to absolute ones. Default empty. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
37 |
* @return mixed Sanitized data. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
38 |
*/ |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
39 |
public function sanitize( $data, $type, $base = '' ) { |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
40 |
$data = trim( $data ); |
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
41 |
if ( $type & SimplePie\SimplePie::CONSTRUCT_MAYBE_HTML ) { |
| 9 | 42 |
if ( preg_match( '/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data ) ) { |
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
43 |
$type |= SimplePie\SimplePie::CONSTRUCT_HTML; |
| 9 | 44 |
} else { |
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
45 |
$type |= SimplePie\SimplePie::CONSTRUCT_TEXT; |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
46 |
} |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
47 |
} |
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
48 |
if ( $type & SimplePie\SimplePie::CONSTRUCT_BASE64 ) { |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
49 |
$data = base64_decode( $data ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
50 |
} |
|
22
8c2e4d02f4ef
Update WordPress to latest version (6.7)
ymh <ymh.work@gmail.com>
parents:
21
diff
changeset
|
51 |
if ( $type & ( SimplePie\SimplePie::CONSTRUCT_HTML | \SimplePie\SimplePie::CONSTRUCT_XHTML ) ) { |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
52 |
$data = wp_kses_post( $data ); |
| 16 | 53 |
if ( 'UTF-8' !== $this->output_encoding ) { |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
54 |
$data = $this->registry->call( 'Misc', 'change_encoding', array( $data, 'UTF-8', $this->output_encoding ) ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
55 |
} |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
56 |
return $data; |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
57 |
} else { |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
58 |
return parent::sanitize( $data, $type, $base ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
59 |
} |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
60 |
} |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
diff
changeset
|
61 |
} |