"Bawolff" posted a comment on MediaWiki.r113297. URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/113297#c31953
Commit summary for MediaWiki.r113297: fix for bug34763 'RSS feed items (HTML) are not rendered as HTML but htmlescaped'; tolerated controlled regression bug30377 'feed item length limitation', because this now becomes very tricky when we allow some tags in order to close bug 34763. Bawolff's comment: <code>$ret = Sanitizer::removeHTMLtags( $text, null, array(), $extra, array( "iframe" ) );</code> Why is iframe specifically mentioned? If there's a good reason, should have a comment. <code>+ $renderedFeed = $this->sandboxParse( $renderedFeed );</code> Why does this use its own instance of the parser? In regards to initializing own instance of parser, initializing the parser using $wgUser 's options, and $wgTitle doesn't seem like the greatest idea. $parser->getTitle() would probably be better than $wgTitle, and for $wgUser, sometimes the parser needs to parse things using a user's options other than the current user (I think it does this to get a canonical version of the page for links tables, but don't quote me on that). You can get the current parser options using $parser->getOptions(). However as I said above, it doesn't seem like the sandboxParse is actually necessary in your code. _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
