feat: Shortcut in safe_html

Check for signs of html or script, skip further processing if none are found. Saves processing time for lxml parsing and manipulation.
plone · Aug 5, 2024 · 01b54a9 · 01b54a9
1 parent b8617c0
commit 01b54a9
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/Products/PortalTransforms/transforms/safe_html.py b/Products/PortalTransforms/transforms/safe_html.py
@@ -4,6 +4,7 @@
 from lxml_html_clean import Cleaner
 from plone.base.interfaces import IFilterSchema
 from plone.base.utils import safe_bytes
+from plone.base.utils import safe_text
 from plone.registry.interfaces import IRegistry
 from Products.PortalTransforms.interfaces import ITransform
 from Products.PortalTransforms.libtransforms.utils import bodyfinder
@@ -183,6 +184,14 @@ def cleaner_options(self):
         return options
 
     def scrub_html(self, orig):
+        orig_text = safe_text(orig)
+        # short cut if no html or script is detected
+        if not orig or not (
+            hasScript(orig_text)
+            or "<" in orig_text
+            or ("&" in orig_text and ";" in orig_text)
+        ):
+            return orig_text
         # append html tag to create a dummy parent for the tree
         html_parser = html.HTMLParser(encoding="utf-8")
         orig = safe_bytes(orig)

diff --git a/news/66.feature b/news/66.feature
@@ -0,0 +1 @@
+Shortcut in safe_html: Check for signs of html or script, skip further processing if none are found.