Make WordPress Core

Changeset 36036


Ignore:
Timestamp:
12/21/2015 02:42:30 AM (8 years ago)
Author:
pento
Message:

Texturize: Transform & into & in tag attributes.

[35709] was overly broad, and stopped transforming & characters within tag attributes. So that sites aren't generating invalid HTML, we need to restore this functionality, while continuing to not transform & within blocked tags.

Fixes #35008 for trunk.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/formatting.php

    r35904 r36036  
    234234            } else {
    235235                // This is an HTML element delimiter.
     236
     237                // Replace each & with & unless it already looks like an entity.
     238                $curl = preg_replace( '/&(?!#(?:\d+|x[a-f0-9]+);|[a-z1-4]{1,8};)/i', '&', $curl );
     239
    236240                _wptexturize_pushpop_element( $curl, $no_texturize_tags_stack, $no_texturize_tags );
    237241            }
  • trunk/tests/phpunit/tests/formatting/WPTexturize.php

    r35709 r36036  
    1111
    1212    function test_disable() {
    13         $this->assertEquals('<pre>---</pre>', wptexturize('<pre>---</pre>'));
    14         $this->assertEquals('<pre><code></code>--</pre>', wptexturize('<pre><code></code>--</pre>'));
    15 
    16         $this->assertEquals( '<code>---</code>',     wptexturize( '<code>---</code>'     ) );
    17         $this->assertEquals( '<kbd>---</kbd>',       wptexturize( '<kbd>---</kbd>'       ) );
    18         $this->assertEquals( '<style>---</style>',   wptexturize( '<style>---</style>'   ) );
    19         $this->assertEquals( '<script>---</script>', wptexturize( '<script>---</script>' ) );
    20         $this->assertEquals( '<tt>---</tt>',         wptexturize( '<tt>---</tt>'         ) );
     13        $this->assertEquals('<pre>---&</pre>', wptexturize('<pre>---&</pre>'));
     14        $this->assertEquals('<pre><code></code>--&</pre>', wptexturize('<pre><code></code>--&</pre>'));
     15
     16        $this->assertEquals( '<code>---&</code>',     wptexturize( '<code>---&</code>'     ) );
     17        $this->assertEquals( '<kbd>---&</kbd>',       wptexturize( '<kbd>---&</kbd>'       ) );
     18        $this->assertEquals( '<style>---&</style>',   wptexturize( '<style>---&</style>'   ) );
     19        $this->assertEquals( '<script>---&</script>', wptexturize( '<script>---&</script>' ) );
     20        $this->assertEquals( '<tt>---&</tt>',         wptexturize( '<tt>---&</tt>'         ) );
    2121
    2222        $this->assertEquals('<code>href="baba"</code> &#8220;baba&#8221;', wptexturize('<code>href="baba"</code> "baba"'));
     
    12691269            array(
    12701270                '[ photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy & that guy </a> ]',
    1271                 '[ photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy &#038; that guy </a> ]',
     1271                '[ photos by <a href="http://example.com/?a[]=1&#038;a[]=2"> this guy &#038; that guy </a> ]',
    12721272            ),
    12731273            array(
    12741274                '[photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy & that guy </a>]',
    1275                 '[photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy &#038; that guy </a>]',
     1275                '[photos by <a href="http://example.com/?a[]=1&#038;a[]=2"> this guy &#038; that guy </a>]',
     1276            ),
     1277            array(
     1278                '& <script>&&</script>',
     1279                '&#038; <script>&&</script>'
    12761280            ),
    12771281            array(
Note: See TracChangeset for help on using the changeset viewer.