| blob | 1b7ecad12f857ca9ea52ef371261ce27a10ff9e2 |
6 <meta name="description" content="Discusses code quality issues and places that need to be refactored in HTML Purifier." />
11 </head><body>
18 <p>Okay, face it. Programmers can get lazy, cut corners, or make mistakes. They
19 also can do quick prototypes, and then forget to rewrite them later. Well,
20 while I can't list mistakes in here, I can list prototype-like segments
21 of code that should be aggressively refactored. This does not list
22 optimization issues, that needs to be done after intense profiling.</p>
24 <pre>
25 AttrDef
26 Class - doesn't support Unicode characters (fringe); uses regular
27 expressions
28 Lang - code duplication; premature optimization
29 Length - easily mistaken for CSSLength
30 URI - multiple regular expressions; missing validation for parts (?)
31 CSS - parser doesn't accept advanced CSS (fringe)
32 Number - constructor interface inconsistent with Integer
33 ConfigSchema - redefinition is a mess
34 Strategy
35 FixNesting - cannot bubble nodes out of structures
36 MakeWellFormed - insufficient automatic closing definitions (check HTML
37 spec for optional end tags, also, closing based on type (block/inline)
38 might be efficient).
39 RemoveForeignElements - should be run in parallel with MakeWellFormed
40 URIScheme - needs to have callable generic checks
41 mailto - doesn't validate emails, doesn't validate querystring
42 news - doesn't validate opaque path
43 nntp - doesn't constrain path
44 </pre>
48 </body></html>