From 051b9c2f3bda4c8b93edbceeb3dc11f64811b50a Mon Sep 17 00:00:00 2001
From: ryan
Date: Thu, 2 Sep 2010 15:06:07 +0000
Subject: [PATCH] Do not run kses on display filters for front page views. see #14758

git-svn-id: http://svn.automattic.com/wordpress/trunk@15559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/default-filters.php | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php
index c2b5216bb..698280c1c 100644
--- a/wp-includes/default-filters.php
+++ b/wp-includes/default-filters.php
@@ -21,8 +21,11 @@ foreach ( array( 'pre_term_name', 'pre_comment_author_name', 'pre_link_name', 'p
 
 // Strip, kses, special chars for string display
 foreach ( array( 'term_name', 'comment_author_name', 'link_name', 'link_target', 'link_rel', 'user_display_name', 'user_first_name', 'user_last_name', 'user_nickname' ) as $filter ) {
-	add_filter( $filter, 'sanitize_text_field' );
-	add_filter( $filter, 'wp_kses_data' );
+	if ( is_admin() ) {
+		// These are expensive. Run only on admin pages for defense in depth.
+		add_filter( $filter, 'sanitize_text_field' );
+		add_filter( $filter, 'wp_kses_data' );
+	}
 	add_filter( $filter, '_wp_specialchars', 30 );
 }
 
@@ -31,9 +34,11 @@ foreach ( array( 'pre_term_description', 'pre_link_description', 'pre_link_notes
 	add_filter( $filter, 'wp_filter_kses' );
 }
 
-// Kses only for textarea saves displays
-foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) {
-	add_filter( $filter, 'wp_kses_data' );
+// Kses only for textarea admin displays
+if ( is_admin() ) {
+	foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) {
+		add_filter( $filter, 'wp_kses_data' );
+	}
 }
 
 // Email saves
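Review bot: The comment added inside the `if ( is_admin() )` block reads as though running the filters only in admin is the defense in depth, when the gate actually removes a layer from front-end display, where `_wp_specialchars` at priority 30 is now the only filter left on these string fields; the comment should say what remains outside admin. Suggest `// sanitize_text_field and wp_kses_data are expensive; outside admin only _wp_specialchars (priority 30) runs, so these fields rely on the pre_* save filters and on output escaping.` Note that `is_admin()` is evaluated once, at registration time, so the decision is fixed for the whole request rather than per call. There is also a user-visible change worth recording in the commit message: on the front end, markup in a stored term or user name is presumably no longer stripped by `sanitize_text_field` but rendered as escaped literal text by `_wp_specialchars`.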
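Review bot: With the `if ( is_admin() )` wrapper, `term_description`, `link_description`, `link_notes` and `user_description` have no display-time filter at all outside the admin, unlike the string fields in the previous hunk, which keep `_wp_specialchars`. Front-end output of these fields now depends entirely on the save-time `wp_filter_kses` registered on the `pre_*` filters (visible in the context at the top of this hunk) and on the caller escaping; content that reached the database by any other path receives no display-time filtering. That may be the intended trade-off, but it should be stated where the next reader will look: `// Kses only for textarea admin displays. Front-end output relies on the save-time wp_filter_kses above and on the caller escaping.`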
@@ -43,10 +48,11 @@ foreach ( array( 'pre_comment_author_email', 'pre_user_email' ) as $filter ) {
 	add_filter( $filter, 'wp_filter_kses' );
 }
 
-// Email display
+// Email admin display
 foreach ( array( 'comment_author_email', 'user_email' ) as $filter ) {
 	add_filter( $filter, 'sanitize_email' );
-	add_filter( $filter, 'wp_kses_data' );
+	if ( is_admin() )
+		add_filter( $filter, 'wp_kses_data' );
 }
 
 // Save URL
@@ -59,9 +65,11 @@ foreach ( array( 'pre_comment_author_url', 'pre_user_url', 'pre_link_url', 'pre_
 
 // Display URL
 foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url' ) as $filter ) {
-	add_filter( $filter, 'wp_strip_all_tags' );
+	if ( is_admin() )
+		add_filter( $filter, 'wp_strip_all_tags' );
 	add_filter( $filter, 'esc_url' );
-	add_filter( $filter, 'wp_kses_data' );
+	if ( is_admin() )
+		add_filter( $filter, 'wp_kses_data' );
 }
 
 // Slugs
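Review bot: The renamed comment `// Email admin display` is misleading: the loop still runs on the front end and `sanitize_email` is registered unconditionally; only `wp_kses_data` is admin-only. Suggest `// Email display; kses only on admin pages`. The brace-less `if ( is_admin() )` used here and in the URL hunk below differs from the braced block in the first hunk of this file; one form should be used throughout. `is_admin()` is also re-evaluated on every loop iteration (three times per iteration in the URL hunk); hoisting it into a local before the loops, `$is_admin = is_admin();`, would avoid the repeated call, although the cost is small.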
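Review bot: On the front end `esc_url` is now the only filter on `user_url`, `link_url`, `link_image`, `link_rss` and `comment_url`; `wp_strip_all_tags` and `wp_kses_data` run only in admin. That is presumably acceptable for href/src attribute contexts, but the two separate `if ( is_admin() )` statements exist only to preserve registration order (strip tags before `esc_url`, kses after), and a later cleanup could merge them without noticing. A comment would guard against that: `// Order matters: wp_strip_all_tags before esc_url, wp_kses_data after; both admin-only, esc_url always.`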