| blob | 39e6a4aa6d0d79ae3a182c1c940161b59d7b1c2e |
6 <meta name="description" content="Discusses code quality issues and places that need to be refactored in HTML Purifier." />
11 </head><body>
18 <p>Okay, face it. Programmers can get lazy, cut corners, or make mistakes. They
19 also can do quick prototypes, and then forget to rewrite them later. Well,
20 while I can't list mistakes in here, I can list prototype-like segments
21 of code that should be aggressively refactored. This does not list
22 optimization issues, that needs to be done after intense profiling.</p>
24 <pre>
25 AttrDef
26 Class - doesn't support Unicode characters (fringe); uses regular
27 expressions
28 Lang - code duplication; premature optimization
29 Length - easily mistaken for CSSLength
30 URI - multiple regular expressions; missing validation for parts (?)
31 CSS - parser doesn't accept advanced CSS (fringe)
32 Number - constructor interface inconsistent with Integer
33 ConfigSchema - redefinition is a mess
34 Strategy
35 FixNesting - cannot bubble nodes out of structures, duplicated checks
36 for special-case parent node
37 MakeWellFormed - insufficient automatic closing definitions (check HTML
38 spec for optional end tags, also, closing based on type (block/inline)
39 might be efficient).
40 RemoveForeignElements - should be run in parallel with MakeWellFormed
41 URIScheme - needs to have callable generic checks
42 mailto - doesn't validate emails, doesn't validate querystring
43 news - doesn't validate opaque path
44 nntp - doesn't constrain path
45 </pre>
49 </body></html>