[buddypress-trac] [BuddyPress Trac] #8236: `empty()` check for activity content after kses filtering
buddypress-trac
noreply at wordpress.org
Mon Feb 17 16:49:01 UTC 2020
#8236: `empty()` check for activity content after kses filtering
--------------------------+------------------------------
Reporter: oztaser | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Activity | Version:
Severity: normal | Resolution:
Keywords: |
--------------------------+------------------------------
Comment (by oztaser):
Hi @imath, thank you for your response. I checked and I found
`last_activity` type with no content as you mention. It looks like we can
not add a control for all types. But an empty `activity_update` looks like
a problem to me, at least. Because if users post just an iframe, an empty
activity is inserted. There is an empty check for `activity_update` type
on `bp_activity_post_update` function but the `content` is not filtered
there. Maybe we can filter not allowed HTML elements before checking
content. Of course, you think this is an issue. I fixed my problem by
using `bp_activity_before_save` action.
I have another suggestion, we must pass a message parameter for
`bp_activity_missing_component` and `bp_activity_missing_type` errors.
Because It's a required parameter for `WP_Error->add()`. I am not quite
sure about what message should return so I am not preparing the patch.
Thanks again.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/8236#comment:2>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list