Move sanitizeText and stripTags from press this to wp.sanitize.

Introduce the `wp.sanitize` namespace and add two helpers for text sanitization. `stripTags` strips HTML tags from a string using regex. Fixes #40635. git-svn-id: https://develop.svn.wordpress.org/trunk@41061 602fd350-edb4-49c9-b593-d223f7449a82
2026-05-19 18:54:26 +00:00 · 2017-07-15 15:47:16 +00:00
parent 55bb567e0f
commit d2e18ea761
4 changed files with 53 additions and 36 deletions
--- a/src/wp-includes/js/utils.js
+++ b/src/wp-includes/js/utils.js
@@ -195,3 +195,4 @@ function getAllUserSettings() {

 	return wpCookies.getHash( 'wp-settings-' + userSettings.uid ) || {};
 }
+
--- a/src/wp-includes/js/wp-sanitize.js
+++ b/src/wp-includes/js/wp-sanitize.js
@@ -0,0 +1,47 @@
+( function () {
+
+	window.wp = window.wp || {};
+
+	/**
+	 * wp.sanitize
+	 *
+	 * Helper functions to sanitize strings.
+	 */
+	wp.sanitize = {
+
+		/**
+		 * Strip HTML tags.
+		 *
+		 * @param {string} text Text to have the HTML tags striped out of.
+		 *
+		 * @return  Stripped text.
+		 */
+		stripTags: function( text ) {
+			text = text || '';
+
+			return text
+				.replace( /<!--[\s\S]*?(-->|$)/g, '' )
+				.replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' )
+				.replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' );
+		},
+
+		/**
+		 * Strip HTML tags and convert HTML entities.
+		 *
+		 * @param {string} text Text to strip tags and convert HTML entities.
+		 *
+		 * @return Sanitized text. False on failure.
+		 */
+		sanitizeText: function( text ) {
+			var _text = wp.utils.stripTags( text ),
+				textarea = document.createElement( 'textarea' );
+
+			try {
+				textarea.innerHTML = _text;
+				_text = wp.utils.stripTags( textarea.value );
+			} catch ( er ) {}
+
+			return _text;
+		}
+	};
+}() );