Follow-up to #2501441: Document SafeMarkup::set in AllowedTagsXssTrait::fieldFilterXss

Problem/Motivation

AllowedTagsXssTrait::fieldFilterXss() can add a lot of long strings into memory in the SafeMarkup list.

Proposed resolution

Free the memory, based on one of these:

Remaining tasks

User interface changes

API changes

Comments

xjm’s picture

xjm
she/her
Primary language English
CreditAttribution: xjm at Acquia commented
Issue tags: +SafeMarkup
xjm’s picture

xjm
she/her
Primary language English
CreditAttribution: xjm at Acquia commented
Issue summary: View changes
Related issues: +#2506195: Remove SafeMarkup::set() from Xss::filter()

I think this one can be fixed with #2506195: Remove SafeMarkup::set() from Xss::filter().

cilefen’s picture

cilefen CreditAttribution: cilefen commented
Title: Free strings added to the SafeMarkup list AllowedTagsXssTrait::fieldFilterXss() when they are no longer needed » Free strings added to the SafeMarkup list in AllowedTagsXssTrait::fieldFilterXss() when they are no longer needed
star-szr’s picture

star-szr
he/him
Primary language English
CreditAttribution: star-szr as a volunteer commented

What's the status here now that #2506195: Remove SafeMarkup::set() from Xss::filter() is in?

cilefen’s picture

cilefen CreditAttribution: cilefen commented

The Xss::filter() call in AllowedTagsXssTrait::fieldFilterXss() no longer adds strings to memory.

mgifford’s picture

mgifford
he/him
Primary language English
CreditAttribution: mgifford at OpenConcept Consulting Inc. commented
Status: Postponed » Active

There doesn't seem to be anything to postpone this on anymore.

cilefen’s picture

cilefen CreditAttribution: cilefen commented

I followed the call chain and it looks to be the case that we get something implementing SafeStringInterface but these calls do not bloat the safe strings list. Can someone else verify that?

Berdir’s picture

Berdir
Primary language German
Location Switzerland
CreditAttribution: Berdir at MD Systems GmbH commented
Status: Active » Closed (won't fix)

Yes, it's safe to say that this doesn't happen anymore I think.