Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update sanitization reporting #951

Merged
merged 5 commits into from
Feb 15, 2018
Merged

Update sanitization reporting #951

merged 5 commits into from
Feb 15, 2018

Conversation

westonruter
Copy link
Member

@westonruter westonruter commented Feb 10, 2018
edited by kienstra
Loading

Follow-up on #912 for #843.

  • Eliminate sanitization reporting during save_post action in favor of doing it inline when loading the edit post screen.
  • Make sure that AMP embeds are run prior to sanitization.

This PR could also include parts from #842 if we want.

@westonruter westonruter added this to the v0.7 milestone Feb 10, 2018
kienstra
kienstra reviewed Feb 13, 2018
View reviewed changes
Copy link
Contributor

@kienstra kienstra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commits Approved

Hi @westonruter,
Thanks a lot for your commits here. It's nice how this gets the count of elements and attributes in track_removed(), instead of every time one is added.

I'll continue by applying the 2 checkbox points you made.

Ryan Kienstra added 3 commits February 13, 2018 13:31
Issue #843: Move Sanitization reporting to 'edit_form_top.'
2305fcb 
Before, this was on the 'save_post' action.
But as Weston mentioned,
this could be in one place,
and this removes the need for a nonce.
Also, remove the function is_authorized().
This checked for a nonce.
Replace this with the existing has_cap().
Issue #843: Prevent displayling extra errors for <p>.
e7f896d 
Because 'wpautop' runs on 'the_content',
process_markup() showed errors from removing <p> tags.
For example, it created this markup:
<p><script async src=https://example.com/script></script></p>
It seemed to have removed the <p> tag,
As it contained a disallowed element.
But it's not needed to report that the <p> is removed.
So remove 'wpautop' as a callback for 'the_content.'
Gutenberg also does this, unless the post has no block.
@see gutenberg_wpautop().
Issue #843: Exit early if ! has_cap().
18a877e 
Instead of wrapping the 'invalid_callback' in this,
simply exist process_markup().
If that callback isn't added,
there's no need for the rest of the function.
@westonruter
Copy link
Member Author

The fix to embeds here should prevent this from happening on #954:

image

@westonruter westonruter changed the title [WIP] Update sanitization reporting Update sanitization reporting Feb 15, 2018
@westonruter westonruter merged commit acf84e6 into develop Feb 15, 2018
@westonruter westonruter deleted the update/sanitization-reporting branch February 15, 2018 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kienstra kienstra kienstra approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.7
Development

Successfully merging this pull request may close these issues.
2 participants
@westonruter @kienstra