Skip to content

Commit

Permalink
html_entity_decode text
Browse files Browse the repository at this point in the history
  • Loading branch information
@pfefferle
pfefferle committed Feb 29, 2024
1 parent 56748f6 commit 02a86ce
Showing 1 changed file with 12 additions and 2 deletions.
14 changes: 12 additions & 2 deletions includes/transformer/class-post.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -643,7 +643,13 @@ protected function get_summary() {
return null;
}

return \get_the_excerpt( $this->wp_object->ID );
return \wp_strip_all_tags(
\html_entity_decode(
\get_the_excerpt(
$this->wp_object->ID
)
)
);
}

/**
Expand All @@ -662,7 +668,11 @@ protected function get_name() {
$title = \get_the_title( $this->wp_object->ID );

if ( $title ) {
return $title;
return \wp_strip_all_tags(
\html_entity_decode(
$title
)
);
}

return null;
Expand Down

2 comments on commit 02a86ce

@janboddez
Copy link
Contributor

@janboddez janboddez commented on 02a86ce Mar 4, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Stupid question, but if you decode before stripping tags, won't you just delete something like <code>&lt;meta name=&quot;foo&quot; value=&quot;bar&quot;&gt;</code>, e.g., if a blog post contained example code?

If you trust Mastodon to properly escape HTML (which I think it does), then shouldn't you first strip tags (removing only the code tags in the example above), and then decode the remaining entities?

Edit: Maybe it doesn't matter, I'm just now seeing this is about the summary/title only.

@pfefferle
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this is only for the fields that should be plain text. Maybe we can change that for the summary a bit later on.

Please sign in to comment.