Make WordPress Core

Opened 6 years ago

Closed 5 years ago

#44278 closed defect (bug) (duplicate)

Smileys got rendered inside pre/code tags in case html attributes are added to the tag

Reported by: andi-dittrich's profile Andi Dittrich Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Formatting Keywords: has-patch has-unit-tests
Focuses: Cc:

Description

hi!

in case "raw" content is posted in a pre tag, legacy smiley sequences are processed by the convert_smilies function and converted to images, even if the html tags are in the $tags_to_ignore list.

this is caused by a weak regex inside the function which didn't take care of html attributes

current behaviour
https://media.andidittrich.de/wp-trac/current.png

expected behaviour
https://media.andidittrich.de/wp-trac/expected.png

example content to reproduce the issue

hello :)

this is sourcecode and should not contain smiley images:
<pre class="EnlighterJSRAW" data-enlighter-language="js">alert(':)');
// :)</pre>
and text :(

attached a fixed version which is taking care of additional html attributes

best regards, Andi

Attachments (3)

convert_smilies_regex.patch (598 bytes) - added by Andi Dittrich 6 years ago.
patch to fix the regex
convert_smilies_regex_v2.patch (597 bytes) - added by Andi Dittrich 6 years ago.
removed repetition quantifier (regex should be ungreedy)
44278.3.diff (3.4 KB) - added by birgire 6 years ago.

Download all attachments as: .zip

Change History (8)

@Andi Dittrich
6 years ago

patch to fix the regex

@Andi Dittrich
6 years ago

removed repetition quantifier (regex should be ungreedy)

#1 @birgire
6 years ago

  • Keywords needs-unit-tests added
  • Version trunk deleted

Thanks for the ticket and patch @Andi Dittrich

There is already ticket #16448 that is marked as fixed, so did something change since then?

#2 @Andi Dittrich
6 years ago

the old ticket adds the generic functionality to exclude pre/code tags from convert_smilies.
but it uses a weak regex which didn't handle html attributes on these tags.

this patch fixes the feature introduced in #16448 by modifying the regex

@birgire
6 years ago

#3 @birgire
6 years ago

  • Keywords has-unit-tests added; needs-unit-tests removed

The patch in 44278.3.diff includes some suggestions:

  • Adds a unit test for ignored tags with attributes.
  • Uses [^>]* instead of .* with the non-greedy modifier U. It feels somewhat more transparent to me.

Additionally it uses the opportunity to:

  • Add full-stops to inline comments.
  • Capitalize inline comments.
  • Fix a typo in inline comment: From proessing to processing.
  • Format inline description.

in convert_smilies().

#4 @Andi Dittrich
6 years ago

thank you @birgire

#5 @pento
5 years ago

  • Keywords dev-feedback removed
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #47489.

Note: See TracTickets for help on using tickets.