magdev/wp-fedistream
1
Fork 0
Code Issues Pull Requests Actions Releases 12 Activity

fix: Nuclear option - never apply the_content filter
All checks were successful
Create Release Package / build-release (push) Successful in 1m2s
Details

Browse Source 
- get_post_data() now ALWAYS strips shortcodes and uses raw content
- Never calls apply_filters('the_content') or get_the_excerpt()
- FediStream posts don't need shortcode processing in content
- This guarantees no recursion through WordPress hook system

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Marco Grätsch
2026-02-02 19:59:04 +01:00
parent b592e45d58
commit 35ad390aeb
3 changed files with 24 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
includes/Frontend/TemplateLoader.php
View File

@@ -289,31 +289,18 @@ class TemplateLoader {
// Track recursion to prevent infinite loops from shortcodes in content.
++self::$recursion_depth;
// Skip the_content filter if:
// 1. We're in a shortcode context (prevents recursive shortcode processing)
// 2. We're at depth > 1 (nested data loading)
$skip_content_filter = self::$shortcode_context_depth > 0 || self::$recursion_depth > 1;
// When skipping content filter, also use raw excerpt to avoid get_the_excerpt()
// triggering the_content filter internally when generating auto-excerpts.
if ( $skip_content_filter ) {
$excerpt = $post->post_excerpt;
if ( empty( $excerpt ) ) {
// Generate a simple excerpt without triggering the_content filter.
$excerpt = wp_trim_words( wp_strip_all_tags( $post->post_content ), 55, '&hellip;' );
}
} else {
$excerpt = get_the_excerpt( $post );
// ALWAYS skip the_content filter to prevent any possible recursion.
// FediStream posts don't need shortcode processing in their content.
// This is the nuclear option but it guarantees no recursion.
$excerpt = $post->post_excerpt;
if ( empty( $excerpt ) ) {
// Generate a simple excerpt without triggering the_content filter.
$excerpt = wp_trim_words( wp_strip_all_tags( $post->post_content ), 55, '&hellip;' );
}
// When skipping content filter, also strip shortcodes to prevent them from
// being processed by anything else that might call do_shortcode on the output.
if ( $skip_content_filter ) {
$content = strip_shortcodes( $post->post_content );
$content = wp_kses_post( $content );
} else {
$content = apply_filters( 'the_content', $post->post_content );
}
// Strip shortcodes and sanitize content - never apply the_content filter.
$content = strip_shortcodes( $post->post_content );
$content = wp_kses_post( $content );
$data = array(
'id' => $post->ID,