-
diff --git a/src/wp-admin/includes/class-wp-site-health.php b/src/wp-admin/includes/class-wp-site-health.php
index de698d7a30..2dbd722bc9 100644
a
|
b
|
class WP_Site_Health { |
729 | 729 | ) |
730 | 730 | ), |
731 | 731 | 'actions' => sprintf( |
732 | | '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
| 732 | '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
733 | 733 | esc_url( wp_get_update_php_url() ), |
734 | 734 | __( 'Learn more about updating PHP' ), |
735 | 735 | /* translators: Accessibility text. */ |
… |
… |
class WP_Site_Health { |
841 | 841 | __( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ), |
842 | 842 | /* translators: Localized team handbook, if one exists. */ |
843 | 843 | esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ), |
844 | | 'target="_blank" rel="noopener noreferrer"', |
| 844 | 'target="_blank" rel="noopener"', |
845 | 845 | sprintf( |
846 | 846 | ' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>', |
847 | 847 | /* translators: Accessibility text. */ |
… |
… |
class WP_Site_Health { |
1158 | 1158 | __( 'The SQL server is a required piece of software for the database WordPress uses to store all your site’s content and settings.' ) |
1159 | 1159 | ), |
1160 | 1160 | 'actions' => sprintf( |
1161 | | '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
| 1161 | '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
1162 | 1162 | /* translators: Localized version of WordPress requirements if one exists. */ |
1163 | 1163 | esc_url( __( 'https://wordpress.org/about/requirements/' ) ), |
1164 | 1164 | __( 'Learn more about what WordPress requires to run.' ), |
… |
… |
class WP_Site_Health { |
1395 | 1395 | ); |
1396 | 1396 | |
1397 | 1397 | $result['actions'] = sprintf( |
1398 | | '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
| 1398 | '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
1399 | 1399 | /* translators: Localized Support reference. */ |
1400 | 1400 | esc_url( __( 'https://wordpress.org/support' ) ), |
1401 | 1401 | __( 'Get help resolving this issue.' ), |
… |
… |
class WP_Site_Health { |
1433 | 1433 | __( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' ) |
1434 | 1434 | ), |
1435 | 1435 | 'actions' => sprintf( |
1436 | | '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
| 1436 | '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
1437 | 1437 | /* translators: Documentation explaining debugging in WordPress. */ |
1438 | 1438 | esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ), |
1439 | 1439 | __( 'Learn more about debugging in WordPress.' ), |
… |
… |
class WP_Site_Health { |
1502 | 1502 | __( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' ) |
1503 | 1503 | ), |
1504 | 1504 | 'actions' => sprintf( |
1505 | | '<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
| 1505 | '<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>', |
1506 | 1506 | /* translators: Documentation explaining HTTPS and why it should be used. */ |
1507 | 1507 | esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ), |
1508 | 1508 | __( 'Learn more about why you should use HTTPS' ), |
-
diff --git a/src/wp-admin/includes/dashboard.php b/src/wp-admin/includes/dashboard.php
index edc30cda2c..ff91fdfa8a 100644
a
|
b
|
function wp_dashboard_php_nag() { |
1749 | 1749 | <p class="button-container"> |
1750 | 1750 | <?php |
1751 | 1751 | printf( |
1752 | | '<a class="button button-primary" href="%1$s" target="_blank" rel="noopener noreferrer">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', |
| 1752 | '<a class="button button-primary" href="%1$s" target="_blank" rel="noopener">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', |
1753 | 1753 | esc_url( wp_get_update_php_url() ), |
1754 | 1754 | __( 'Learn more about updating PHP' ), |
1755 | 1755 | /* translators: Accessibility text. */ |
-
diff --git a/src/wp-admin/includes/media.php b/src/wp-admin/includes/media.php
index 94cc216df5..9efb611aea 100644
a
|
b
|
function edit_form_image_editor( $post ) { |
3194 | 3194 | /* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */ |
3195 | 3195 | __( '<a href="%1$s" %2$s>Describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ), |
3196 | 3196 | esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ), |
3197 | | 'target="_blank" rel="noopener noreferrer"', |
| 3197 | 'target="_blank" rel="noopener"', |
3198 | 3198 | sprintf( |
3199 | 3199 | '<span class="screen-reader-text"> %s</span>', |
3200 | 3200 | /* translators: Accessibility text. */ |
-
diff --git a/src/wp-includes/class-walker-nav-menu.php b/src/wp-includes/class-walker-nav-menu.php
index 5f4a53691c..f9c94e16fb 100644
a
|
b
|
class Walker_Nav_Menu extends Walker { |
173 | 173 | $atts['title'] = ! empty( $item->attr_title ) ? $item->attr_title : ''; |
174 | 174 | $atts['target'] = ! empty( $item->target ) ? $item->target : ''; |
175 | 175 | if ( '_blank' === $item->target && empty( $item->xfn ) ) { |
176 | | $atts['rel'] = 'noopener noreferrer'; |
| 176 | $atts['rel'] = 'noopener'; |
177 | 177 | } else { |
178 | 178 | $atts['rel'] = $item->xfn; |
179 | 179 | } |
-
diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php
index 10e9d864ad..70d2621a7e 100644
a
|
b
|
function wp_comments_personal_data_exporter( $email_address, $page = 1 ) { |
3628 | 3628 | case 'comment_link': |
3629 | 3629 | $value = get_comment_link( $comment->comment_ID ); |
3630 | 3630 | $value = sprintf( |
3631 | | '<a href="%s" target="_blank" rel="noreferrer noopener">%s</a>', |
| 3631 | '<a href="%s" target="_blank" rel="noopener">%s</a>', |
3632 | 3632 | esc_url( $value ), |
3633 | 3633 | esc_html( $value ) |
3634 | 3634 | ); |
-
diff --git a/src/wp-includes/formatting.php b/src/wp-includes/formatting.php
index 494c1b3e61..647bcb185c 100644
a
|
b
|
function wp_rel_ugc( $text ) { |
3153 | 3153 | } |
3154 | 3154 | |
3155 | 3155 | /** |
3156 | | * Adds rel noreferrer and noopener to all HTML A elements that have a target. |
| 3156 | * Adds rel noopener to all HTML A elements that have a target. |
3157 | 3157 | * |
3158 | 3158 | * @since 5.1.0 |
| 3159 | * @since 5.6.0 Removed noreferrer relationship. |
3159 | 3160 | * |
3160 | 3161 | * @param string $text Content that may contain HTML A elements. |
3161 | 3162 | * @return string Converted content. |
… |
… |
function wp_targeted_link_rel( $text ) { |
3188 | 3189 | } |
3189 | 3190 | |
3190 | 3191 | /** |
3191 | | * Callback to add rel="noreferrer noopener" string to HTML A element. |
| 3192 | * Callback to add rel="noopener" string to HTML A element. |
3192 | 3193 | * |
3193 | | * Will not duplicate existing noreferrer and noopener values |
3194 | | * to prevent from invalidating the HTML. |
| 3194 | * Will not duplicate existing noopener value to prevent from invalidating the HTML. |
3195 | 3195 | * |
3196 | 3196 | * @since 5.1.0 |
| 3197 | * @since 5.6.0 Removed noreferrer relationship. |
3197 | 3198 | * |
3198 | 3199 | * @param array $matches Single Match |
3199 | | * @return string HTML A Element with rel noreferrer noopener in addition to any existing values |
| 3200 | * @return string HTML A Element with rel noopener in addition to any existing values |
3200 | 3201 | */ |
3201 | 3202 | function wp_targeted_link_rel_callback( $matches ) { |
3202 | 3203 | $link_html = $matches[1]; |
… |
… |
function wp_targeted_link_rel_callback( $matches ) { |
3219 | 3220 | * @param string $rel The rel values. |
3220 | 3221 | * @param string $link_html The matched content of the link tag including all HTML attributes. |
3221 | 3222 | */ |
3222 | | $rel = apply_filters( 'wp_targeted_link_rel', 'noopener noreferrer', $link_html ); |
| 3223 | $rel = apply_filters( 'wp_targeted_link_rel', 'noopener', $link_html ); |
3223 | 3224 | |
3224 | 3225 | // Return early if no rel values to be added or if no actual target attribute. |
3225 | 3226 | if ( ! $rel || ! isset( $atts['target'] ) ) { |
-
diff --git a/src/wp-includes/functions.php b/src/wp-includes/functions.php
index fe68d7f760..7446203ed0 100644
a
|
b
|
function wp_direct_php_update_button() { |
7501 | 7501 | |
7502 | 7502 | echo '<p class="button-container">'; |
7503 | 7503 | printf( |
7504 | | '<a class="button button-primary" href="%1$s" target="_blank" rel="noopener noreferrer">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', |
| 7504 | '<a class="button button-primary" href="%1$s" target="_blank" rel="noopener">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>', |
7505 | 7505 | esc_url( $direct_update_url ), |
7506 | 7506 | __( 'Update PHP' ), |
7507 | 7507 | /* translators: Accessibility text. */ |
-
diff --git a/src/wp-includes/media-template.php b/src/wp-includes/media-template.php
index 47204f31b7..6cc577ba22 100644
a
|
b
|
function wp_print_media_templates() { |
160 | 160 | /* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */ |
161 | 161 | __( '<a href="%1$s" %2$s>Describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ), |
162 | 162 | esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ), |
163 | | 'target="_blank" rel="noopener noreferrer"', |
| 163 | 'target="_blank" rel="noopener"', |
164 | 164 | sprintf( |
165 | 165 | '<span class="screen-reader-text"> %s</span>', |
166 | 166 | /* translators: Accessibility text. */ |
-
diff --git a/src/wp-includes/widgets/class-wp-widget-custom-html.php b/src/wp-includes/widgets/class-wp-widget-custom-html.php
index b9140e65e8..8db6d7d492 100644
a
|
b
|
class WP_Widget_Custom_HTML extends WP_Widget { |
146 | 146 | /** This filter is documented in wp-includes/widgets/class-wp-widget-text.php */ |
147 | 147 | $content = apply_filters( 'widget_text', $instance['content'], $simulated_text_widget_instance, $this ); |
148 | 148 | |
149 | | // Adds noreferrer and noopener relationships, without duplicating values, to all HTML A elements that have a target. |
| 149 | // Adds noopener relationship, without duplicating values, to all HTML A elements that have a target. |
150 | 150 | $content = wp_targeted_link_rel( $content ); |
151 | 151 | |
152 | 152 | /** |
-
diff --git a/src/wp-includes/widgets/class-wp-widget-text.php b/src/wp-includes/widgets/class-wp-widget-text.php
index 8cac1b9185..d035f8e7bc 100644
a
|
b
|
class WP_Widget_Text extends WP_Widget { |
331 | 331 | |
332 | 332 | $text = preg_replace_callback( '#<(video|iframe|object|embed)\s[^>]*>#i', array( $this, 'inject_video_max_width_style' ), $text ); |
333 | 333 | |
334 | | // Adds noreferrer and noopener relationships, without duplicating values, to all HTML A elements that have a target. |
| 334 | // Adds noopener relationship, without duplicating values, to all HTML A elements that have a target. |
335 | 335 | $text = wp_targeted_link_rel( $text ); |
336 | 336 | |
337 | 337 | ?> |
-
diff --git a/src/wp-login.php b/src/wp-login.php
index 0135ecffb7..c40cf54d78 100644
a
|
b
|
switch ( $action ) { |
689 | 689 | $accessibility_text = sprintf( '<span class="screen-reader-text"> %s</span>', __( '(opens in a new tab)' ) ); |
690 | 690 | |
691 | 691 | printf( |
692 | | '<a href="%s" rel="noopener noreferrer" target="_blank">%s%s</a>', |
| 692 | '<a href="%s" rel="noopener" target="_blank">%s%s</a>', |
693 | 693 | esc_url( $admin_email_help_url ), |
694 | 694 | __( 'Why is this important?' ), |
695 | 695 | $accessibility_text |
… |
… |
switch ( $action ) { |
1527 | 1527 | for ( i in links ) { |
1528 | 1528 | if ( links[i].href ) { |
1529 | 1529 | links[i].target = '_blank'; |
1530 | | links[i].rel = 'noreferrer noopener'; |
| 1530 | links[i].rel = 'noopener'; |
1531 | 1531 | } |
1532 | 1532 | } |
1533 | 1533 | } catch( er ) {} |
-
diff --git a/tests/phpunit/tests/formatting/WPTargetedLinkRel.php b/tests/phpunit/tests/formatting/WPTargetedLinkRel.php
index bc58dfe9cc..932100c1cd 100644
a
|
b
|
class Tests_Targeted_Link_Rel extends WP_UnitTestCase { |
8 | 8 | |
9 | 9 | public function test_add_to_links_with_target_blank() { |
10 | 10 | $content = '<p>Links: <a href="/" target="_blank">No rel</a></p>'; |
11 | | $expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">No rel</a></p>'; |
| 11 | $expected = '<p>Links: <a href="/" target="_blank" rel="noopener">No rel</a></p>'; |
12 | 12 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
13 | 13 | } |
14 | 14 | |
15 | 15 | public function test_add_to_links_with_target_foo() { |
16 | 16 | $content = '<p>Links: <a href="/" target="foo">No rel</a></p>'; |
17 | | $expected = '<p>Links: <a href="/" target="foo" rel="noopener noreferrer">No rel</a></p>'; |
| 17 | $expected = '<p>Links: <a href="/" target="foo" rel="noopener">No rel</a></p>'; |
18 | 18 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
19 | 19 | } |
20 | 20 | |
21 | 21 | public function test_target_as_first_attribute() { |
22 | 22 | $content = '<p>Links: <a target="_blank" href="#">No rel</a></p>'; |
23 | | $expected = '<p>Links: <a target="_blank" href="#" rel="noopener noreferrer">No rel</a></p>'; |
| 23 | $expected = '<p>Links: <a target="_blank" href="#" rel="noopener">No rel</a></p>'; |
24 | 24 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
25 | 25 | } |
26 | 26 | |
27 | 27 | public function test_add_to_existing_rel() { |
28 | 28 | $content = '<p>Links: <a href="/" rel="existing values" target="_blank">Existing rel</a></p>'; |
29 | | $expected = '<p>Links: <a href="/" rel="existing values noopener noreferrer" target="_blank">Existing rel</a></p>'; |
| 29 | $expected = '<p>Links: <a href="/" rel="existing values noopener" target="_blank">Existing rel</a></p>'; |
30 | 30 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
31 | 31 | } |
32 | 32 | |
33 | 33 | public function test_no_duplicate_values_added() { |
34 | 34 | $content = '<p>Links: <a href="/" rel="existing noopener values" target="_blank">Existing rel</a></p>'; |
35 | | $expected = '<p>Links: <a href="/" rel="existing noopener values noreferrer" target="_blank">Existing rel</a></p>'; |
| 35 | $expected = '<p>Links: <a href="/" rel="existing noopener values" target="_blank">Existing rel</a></p>'; |
36 | 36 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
37 | 37 | } |
38 | 38 | |
39 | 39 | public function test_rel_with_single_quote_delimiter() { |
40 | 40 | $content = '<p>Links: <a href="/" rel=\'existing values\' target="_blank">Existing rel</a></p>'; |
41 | | $expected = '<p>Links: <a href="/" rel="existing values noopener noreferrer" target="_blank">Existing rel</a></p>'; |
| 41 | $expected = '<p>Links: <a href="/" rel="existing values noopener" target="_blank">Existing rel</a></p>'; |
42 | 42 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
43 | 43 | } |
44 | 44 | |
45 | 45 | public function test_rel_with_no_delimiter() { |
46 | 46 | $content = '<p>Links: <a href="/" rel=existing target="_blank">Existing rel</a></p>'; |
47 | | $expected = '<p>Links: <a href="/" rel="existing noopener noreferrer" target="_blank">Existing rel</a></p>'; |
| 47 | $expected = '<p>Links: <a href="/" rel="existing noopener" target="_blank">Existing rel</a></p>'; |
48 | 48 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
49 | 49 | } |
50 | 50 | |
51 | 51 | public function test_rel_value_spaced_and_no_delimiter() { |
52 | 52 | $content = '<p>Links: <a href="/" rel = existing target="_blank">Existing rel</a></p>'; |
53 | | $expected = '<p>Links: <a href="/" rel="existing noopener noreferrer" target="_blank">Existing rel</a></p>'; |
| 53 | $expected = '<p>Links: <a href="/" rel="existing noopener" target="_blank">Existing rel</a></p>'; |
54 | 54 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
55 | 55 | } |
56 | 56 | |
57 | 57 | public function test_escaped_quotes() { |
58 | 58 | $content = '<p>Links: <a href=\"/\" rel=\"existing values\" target=\"_blank\">Existing rel</a></p>'; |
59 | | $expected = '<p>Links: <a href=\"/\" rel=\"existing values noopener noreferrer\" target=\"_blank\">Existing rel</a></p>'; |
| 59 | $expected = '<p>Links: <a href=\"/\" rel=\"existing values noopener\" target=\"_blank\">Existing rel</a></p>'; |
60 | 60 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
61 | 61 | } |
62 | 62 | |
63 | 63 | public function test_ignore_links_with_no_target() { |
64 | 64 | $content = '<p>Links: <a href="/" target="_blank">Change me</a> <a href="/">Do not change me</a></p>'; |
65 | | $expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">Change me</a> <a href="/">Do not change me</a></p>'; |
| 65 | $expected = '<p>Links: <a href="/" target="_blank" rel="noopener">Change me</a> <a href="/">Do not change me</a></p>'; |
66 | 66 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
67 | 67 | } |
68 | 68 | |
… |
… |
class Tests_Targeted_Link_Rel extends WP_UnitTestCase { |
85 | 85 | */ |
86 | 86 | public function test_wp_targeted_link_rel_filters_run() { |
87 | 87 | $content = '<p>Links: <a href="/" target="_blank">No rel</a></p>'; |
88 | | $expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">No rel</a></p>'; |
| 88 | $expected = '<p>Links: <a href="/" target="_blank" rel="noopener">No rel</a></p>'; |
89 | 89 | |
90 | 90 | $post = $this->factory()->post->create_and_get( |
91 | 91 | array( |
… |
… |
class Tests_Targeted_Link_Rel extends WP_UnitTestCase { |
103 | 103 | */ |
104 | 104 | public function test_wp_targeted_link_rel_should_preserve_json() { |
105 | 105 | $content = '<p>Links: <a href=\"\/\" target=\"_blank\">No rel<\/a><\/p>'; |
106 | | $expected = '<p>Links: <a href=\"\/\" target=\"_blank\" rel=\"noopener noreferrer\">No rel<\/a><\/p>'; |
| 106 | $expected = '<p>Links: <a href=\"\/\" target=\"_blank\" rel=\"noopener\">No rel<\/a><\/p>'; |
107 | 107 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
108 | 108 | } |
109 | 109 | |
… |
… |
class Tests_Targeted_Link_Rel extends WP_UnitTestCase { |
114 | 114 | */ |
115 | 115 | public function test_wp_targeted_link_rel_skips_style_and_scripts() { |
116 | 116 | $content = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target=_blank>aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>'; |
117 | | $expected = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target="_blank" rel="noopener noreferrer">aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>'; |
| 117 | $expected = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target="_blank" rel="noopener">aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>'; |
118 | 118 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
119 | 119 | } |
120 | 120 | |
… |
… |
class Tests_Targeted_Link_Rel extends WP_UnitTestCase { |
131 | 131 | |
132 | 132 | public function test_wp_targeted_link_rel_tab_separated_values_are_split() { |
133 | 133 | $content = "<p>Links: <a href=\"/\" target=\"_blank\" rel=\"ugc\t\tnoopener\t\">No rel</a></p>"; |
134 | | $expected = '<p>Links: <a href="/" target="_blank" rel="ugc noopener noreferrer">No rel</a></p>'; |
| 134 | $expected = '<p>Links: <a href="/" target="_blank" rel="ugc noopener">No rel</a></p>'; |
135 | 135 | $this->assertSame( $expected, wp_targeted_link_rel( $content ) ); |
136 | 136 | } |
137 | 137 | |
-
diff --git a/tests/phpunit/tests/menu/walker-nav-menu.php b/tests/phpunit/tests/menu/walker-nav-menu.php
index 25e6aba510..9b63d63d54 100644
a
|
b
|
class Tests_Menu_Walker_Nav_Menu extends WP_UnitTestCase { |
37 | 37 | } |
38 | 38 | |
39 | 39 | /** |
40 | | * Tests when an item's target is _blank, that rel="noopener noreferrer" is added. |
| 40 | * Tests when an item's target is _blank, that rel="noopener" is added. |
41 | 41 | * |
42 | 42 | * @ticket 43290 |
43 | 43 | */ |
… |
… |
class Tests_Menu_Walker_Nav_Menu extends WP_UnitTestCase { |
64 | 64 | |
65 | 65 | $this->walker->start_el( $expected, (object) $item, 0, (object) $args ); |
66 | 66 | |
67 | | $this->assertSame( "<li id=\"menu-item-{$post_id}\" class=\"menu-item-{$post_id}\"><a target=\"_blank\" rel=\"noopener noreferrer\">{$post_title}</a>", $expected ); |
| 67 | $this->assertSame( "<li id=\"menu-item-{$post_id}\" class=\"menu-item-{$post_id}\"><a target=\"_blank\" rel=\"noopener\">{$post_title}</a>", $expected ); |
68 | 68 | } |
69 | 69 | |
70 | 70 | /** |
-
diff --git a/tests/phpunit/tests/privacy/wpPrivacyGeneratePersonalDataExportFile.php b/tests/phpunit/tests/privacy/wpPrivacyGeneratePersonalDataExportFile.php
index 75bd6aefc2..2288124c84 100644
a
|
b
|
class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC |
478 | 478 | ), |
479 | 479 | array( |
480 | 480 | 'name' => 'Comment URL', |
481 | | 'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>', |
| 481 | 'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>', |
482 | 482 | ), |
483 | 483 | ), |
484 | 484 | 'comment-3' => array( |
… |
… |
class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC |
508 | 508 | ), |
509 | 509 | array( |
510 | 510 | 'name' => 'Comment URL', |
511 | | 'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-3" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-3</a>', |
| 511 | 'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-3" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-3</a>', |
512 | 512 | ), |
513 | 513 | ), |
514 | 514 | ), |
… |
… |
class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC |
620 | 620 | ), |
621 | 621 | array( |
622 | 622 | 'name' => 'Comment URL', |
623 | | 'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>', |
| 623 | 'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>', |
624 | 624 | ), |
625 | 625 | ), |
626 | 626 | ), |
-
diff --git a/tests/phpunit/tests/rest-api/rest-attachments-controller.php b/tests/phpunit/tests/rest-api/rest-attachments-controller.php
index b4115d41e7..b70663788b 100644
a
|
b
|
class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control |
1162 | 1162 | 'rendered' => '<a href="#">link</a>', |
1163 | 1163 | ), |
1164 | 1164 | 'description' => array( |
1165 | | 'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>', |
1166 | | 'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>', |
| 1165 | 'raw' => '<a href="#" target="_blank" rel="noopener">link</a>', |
| 1166 | 'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>', |
1167 | 1167 | ), |
1168 | 1168 | 'caption' => array( |
1169 | | 'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>', |
1170 | | 'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>', |
| 1169 | 'raw' => '<a href="#" target="_blank" rel="noopener">link</a>', |
| 1170 | 'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>', |
1171 | 1171 | ), |
1172 | 1172 | ), |
1173 | 1173 | ), |
-
diff --git a/tests/phpunit/tests/rest-api/rest-posts-controller.php b/tests/phpunit/tests/rest-api/rest-posts-controller.php
index 9831bb0aab..31e9a2788b 100644
a
|
b
|
class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te |
3696 | 3696 | 'rendered' => '<a href="#">link</a>', |
3697 | 3697 | ), |
3698 | 3698 | 'content' => array( |
3699 | | 'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>', |
3700 | | 'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>', |
| 3699 | 'raw' => '<a href="#" target="_blank" rel="noopener">link</a>', |
| 3700 | 'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>', |
3701 | 3701 | ), |
3702 | 3702 | 'excerpt' => array( |
3703 | | 'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>', |
3704 | | 'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>', |
| 3703 | 'raw' => '<a href="#" target="_blank" rel="noopener">link</a>', |
| 3704 | 'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>', |
3705 | 3705 | ), |
3706 | 3706 | ), |
3707 | 3707 | ), |
-
diff --git a/tests/phpunit/tests/widgets/custom-html-widget.php b/tests/phpunit/tests/widgets/custom-html-widget.php
index ad6a39b464..6447f5ec2d 100644
a
|
b
|
class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase { |
304 | 304 | } |
305 | 305 | |
306 | 306 | /** |
307 | | * Ensure that rel="noopener noreferrer" is added to links with a target. |
| 307 | * Ensure that rel="noopener" is added to links with a target. |
308 | 308 | * |
309 | 309 | * @ticket 46421 |
310 | 310 | */ |
… |
… |
class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase { |
326 | 326 | ); |
327 | 327 | |
328 | 328 | $output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) ); |
329 | | $this->assertContains( 'rel="noopener noreferrer"', $output ); |
| 329 | $this->assertContains( 'rel="noopener"', $output ); |
330 | 330 | } |
331 | 331 | |
332 | 332 | /** |
333 | | * Ensure that rel="noopener noreferrer" is not added to links without a target. |
| 333 | * Ensure that rel="noopener" is not added to links without a target. |
334 | 334 | * |
335 | 335 | * @ticket 46421 |
336 | 336 | */ |
… |
… |
class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase { |
352 | 352 | ); |
353 | 353 | |
354 | 354 | $output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) ); |
355 | | $this->assertNotContains( 'rel="noopener noreferrer"', $output ); |
| 355 | $this->assertNotContains( 'rel="noopener"', $output ); |
356 | 356 | } |
357 | 357 | |
358 | 358 | } |
-
diff --git a/tests/phpunit/tests/widgets/media-image-widget.php b/tests/phpunit/tests/widgets/media-image-widget.php
index fc04e9adcc..64d02803c0 100644
a
|
b
|
class Test_WP_Widget_Media_Image extends WP_UnitTestCase { |
542 | 542 | |
543 | 543 | $this->assertContains( '<a href="https://example.org"', $output ); |
544 | 544 | $this->assertContains( 'target="_blank"', $output ); |
545 | | $this->assertContains( 'rel="noopener noreferrer"', $output ); |
| 545 | $this->assertContains( 'rel="noopener"', $output ); |
546 | 546 | |
547 | 547 | // Populate caption in attachment. |
548 | 548 | wp_update_post( |
-
diff --git a/tests/phpunit/tests/widgets/text-widget.php b/tests/phpunit/tests/widgets/text-widget.php
index 42ca86d709..3e8c7b7d8c 100644
a
|
b
|
class Test_WP_Widget_Text extends WP_UnitTestCase { |
1003 | 1003 | } |
1004 | 1004 | |
1005 | 1005 | /** |
1006 | | * Ensure that rel="noopener noreferrer" is added to links with a target. |
| 1006 | * Ensure that rel="noopener" is added to links with a target. |
1007 | 1007 | * |
1008 | 1008 | * @ticket 46421 |
1009 | 1009 | */ |
… |
… |
class Test_WP_Widget_Text extends WP_UnitTestCase { |
1026 | 1026 | |
1027 | 1027 | $output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) ); |
1028 | 1028 | |
1029 | | $this->assertContains( 'rel="noopener noreferrer"', $output ); |
| 1029 | $this->assertContains( 'rel="noopener"', $output ); |
1030 | 1030 | } |
1031 | 1031 | |
1032 | 1032 | /** |
1033 | | * Ensure that rel="noopener noreferrer" is not added to links without a target. |
| 1033 | * Ensure that rel="noopener" is not added to links without a target. |
1034 | 1034 | * |
1035 | 1035 | * @ticket 46421 |
1036 | 1036 | */ |
… |
… |
class Test_WP_Widget_Text extends WP_UnitTestCase { |
1053 | 1053 | |
1054 | 1054 | $output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) ); |
1055 | 1055 | |
1056 | | $this->assertNotContains( 'rel="noopener noreferrer"', $output ); |
| 1056 | $this->assertNotContains( 'rel="noopener"', $output ); |
1057 | 1057 | } |
1058 | 1058 | } |
-
diff --git a/tests/qunit/index.html b/tests/qunit/index.html
index f0fb32d49d..fbce482b68 100644
a
|
b
|
|
1166 | 1166 | <span class="name">Alternative Text</span> |
1167 | 1167 | <input type="text" value="{{ data.alt }}" aria-describedby="alt-text-description" {{ maybeReadOnly }} /> |
1168 | 1168 | </label> |
1169 | | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
| 1169 | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
1170 | 1170 | <# } #> |
1171 | 1171 | <label class="setting" data-setting="title"> |
1172 | 1172 | <span class="name">Title</span> |
… |
… |
|
1331 | 1331 | <span class="name">Alt Text</span> |
1332 | 1332 | <input type="text" value="{{ data.alt }}" aria-describedby="alt-text-description" {{ maybeReadOnly }} /> |
1333 | 1333 | </label> |
1334 | | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
| 1334 | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
1335 | 1335 | <# } #> |
1336 | 1336 | <label class="setting" data-setting="title"> |
1337 | 1337 | <span class="name">Title</span> |
… |
… |
|
1623 | 1623 | <span>Alternative Text</span> |
1624 | 1624 | <input type="text" data-setting="alt" aria-describedby="alt-text-description" /> |
1625 | 1625 | </label> |
1626 | | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
| 1626 | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
1627 | 1627 | |
1628 | 1628 | <label class="setting caption"> |
1629 | 1629 | <span>Caption</span> |
… |
… |
|
1678 | 1678 | <span>Alternative Text</span> |
1679 | 1679 | <input type="text" data-setting="alt" value="{{ data.model.alt }}" aria-describedby="alt-text-description" /> |
1680 | 1680 | </label> |
1681 | | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
| 1681 | <p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p> |
1682 | 1682 | |
1683 | 1683 | <label class="setting caption"> |
1684 | 1684 | <span>Caption</span> |