Context Navigation

← Previous Ticket
Next Ticket →

#26174 closed defect (bug) (fixed)

Customizer postMessage listener throws errors if it encounters a non-JSON string

Reported by:	mattwiebe	Owned by:
Milestone:	3.8	Priority:	normal
Severity:	normal	Version:
Component:	Customize	Keywords:	has-patch commit
Focuses:		Cc:

Description

Our postMessage listener in wp-includes/js/customize-base.js assumes that every possible postMessage message that comes in from the same domain as the Customizer must have an event.data property that is 1) a string and 2) a good candidate for JSON.parse.

Both of these assumptions are faulty, since 1) non-IE browsers can pass objects, not just strings, and 2) sending a string that can't be JSON.parse'd is a perfectly valid thing to do. As more things start to use postMessage, this will get us into more trouble. (In this case it's Google+ Follow embeds, which receive "lovely" strings like "!_{h:'I0_1385142794503'}" which JSON.parse of course chokes on.

Patch included.

Attachments (1)

postmessage-check.diff (537 bytes) - added by mattwiebe 11 years ago.

Download all attachments as: .zip

Change History (3)

@mattwiebe
11 years ago

Attachment postmessage-check.diff added

#1 @nacin
11 years ago

Keywords commit added
Milestone changed from Awaiting Review to 3.8

#2 @nacin
11 years ago

Resolution set to fixed
Status changed from new to closed

Bad paste. Fixed in [26542].

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core