mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-23 08:51:53 +00:00
7a6de55f76
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@435 48356398-32a2-884e-a903-53898d9a118a
40 lines
1.6 KiB
Plaintext
40 lines
1.6 KiB
Plaintext
|
|
Code Quality Issues
|
|
|
|
Okay, face it. Programmers can get lazy, cut corners, or make mistakes. They
|
|
also can do quick prototypes, and then forget to rewrite them later. Well,
|
|
while I can't list mistakes in here, I can list prototype-like segments
|
|
of code that should be aggressively refactored after the beta is released.
|
|
This does not list optimization issues, that needs to be done after intense
|
|
profiling.
|
|
|
|
Here we go:
|
|
|
|
AttrDef
|
|
Class - doesn't support Unicode characters (fringe); uses regular
|
|
expressions
|
|
Lang - code duplication; premature optimization; doesn't consult official
|
|
lists (fringe)
|
|
Length - easily mistaken for CSSLength
|
|
URI - multiple regular expressions; needs host validation routines factored
|
|
out for mailto scheme; missing validation for query; fragment and path,
|
|
no percent-encode fixing
|
|
CSS - parser doesn't accept advanced CSS (fringe)
|
|
Number - constructor interface is inconsistent with Integer
|
|
AttrTransform - doesn't accept AttrContext
|
|
Config - "load configuration" hooks missing, rich set* accessors missing
|
|
ConfigSchema - redefinition is a mess
|
|
Strategy
|
|
FixNesting - cannot bubble nodes out of structures
|
|
MakeWellFormed - insufficient automatic closing definitions (check HTML
|
|
spec for optional end tags, also, closing based on type (block/inline)
|
|
might be efficient).
|
|
RemoveForeignElements - should be run in parallel with MakeWellFormed
|
|
URIScheme - needs to have callable generic checks
|
|
ftp - missing typecode check
|
|
mailto - doesn't validate emails
|
|
news - doesn't validate opaque path
|
|
nntp - doesn't constrain path
|
|
EOL
|
|
|