Page MenuHomePhabricator

Sanitizer::removeHTMLtags should use Remex to tidy
Open, Needs TriagePublic

Description

Sanitizer::removeHTMLtags() should be implemented using Remex as a base, instead of via an adhoc collection of regexps.

This would eliminate issues like T67747: Sanitizer::removeHTMLtags doesn't close tags correctly when $wgUseTidy is enabled and {T298401} and improve our overall security.