Remove useless filters from SingleLinePipeline

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Close this issue

Banzai::Pipeline::SingleLinePipeline begins like this:

def self.filters
  @filters ||= FilterArray[
    Filter::HtmlEntityFilter,
    Filter::MinimumMarkdownSanitizationFilter,
    Filter::SanitizeLinkFilter,
    Filter::AssetProxyFilter,
    Filter::EmojiFilter,
    Filter::CustomEmojiFilter,
    Filter::AutolinkFilter,
    Filter::ExternalLinkFilter,
    *reference_filters
  ]
end

After HtmlEntityFilter, the content is guaranteed to have no HTML tags in it whatsoever. If it did, we'd be in tremendous trouble.

Therefore:

def self.filters
  @filters ||= FilterArray[
    Filter::HtmlEntityFilter,
    Filter::MinimumMarkdownSanitizationFilter,   # <-- guaranteed to do nothing
    Filter::SanitizeLinkFilter,                  # <-- guaranteed to do nothing
    Filter::AssetProxyFilter,                    # <-- guaranteed to do nothing
    Filter::EmojiFilter,
    Filter::CustomEmojiFilter,
    Filter::AutolinkFilter,
    Filter::ExternalLinkFilter,
    *reference_filters
  ]
end

Note that AutolinkFilter does includes Gitlab::Utils::SanitizeNodeLink (the core of SanitizeLinkFilter) and does use one of its methods (and reproduces part of its logic) in producing its output. It does look a bit sussy and could use a look too — I don't think that .html_safe call inside replace_gsub's block does anything, for instance.

Edited Feb 23, 2026 by 🤖 GitLab Bot 🤖