wp-sanitize.js (1350B)
1 /** 2 * @output wp-includes/js/wp-sanitize.js 3 */ 4 5 ( function () { 6 7 window.wp = window.wp || {}; 8 9 /** 10 * wp.sanitize 11 * 12 * Helper functions to sanitize strings. 13 */ 14 wp.sanitize = { 15 16 /** 17 * Strip HTML tags. 18 * 19 * @param {string} text Text to have the HTML tags striped out of. 20 * 21 * @return Stripped text. 22 */ 23 stripTags: function( text ) { 24 text = text || ''; 25 26 // Do the replacement. 27 var _text = text 28 .replace( /<!--[\s\S]*?(-->|$)/g, '' ) 29 .replace( /<(script|style)[^>]*>[\s\S]*?(<\/\1>|$)/ig, '' ) 30 .replace( /<\/?[a-z][\s\S]*?(>|$)/ig, '' ); 31 32 // If the initial text is not equal to the modified text, 33 // do the search-replace again, until there is nothing to be replaced. 34 if ( _text !== text ) { 35 return wp.sanitize.stripTags( _text ); 36 } 37 38 // Return the text with stripped tags. 39 return _text; 40 }, 41 42 /** 43 * Strip HTML tags and convert HTML entities. 44 * 45 * @param {string} text Text to strip tags and convert HTML entities. 46 * 47 * @return Sanitized text. False on failure. 48 */ 49 stripTagsAndEncodeText: function( text ) { 50 var _text = wp.sanitize.stripTags( text ), 51 textarea = document.createElement( 'textarea' ); 52 53 try { 54 textarea.textContent = _text; 55 _text = wp.sanitize.stripTags( textarea.value ); 56 } catch ( er ) {} 57 58 return _text; 59 } 60 }; 61 }() );