WordPress.org

Make WordPress Core


Ignore:
Timestamp:
12/12/2016 02:05:22 AM (4 years ago)
Author:
dd32
Message:

Customize: Trim whitespace for URLs supplied for external_header_video to prevent esc_url_raw() from making them invalid.

Props tyxla.
See #38172.
Merges [39560] to the 4.7 branch.
Fixes #39125.

Location:
branches/4.7
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/4.7

  • branches/4.7/tests/phpunit/tests/customize/manager.php

    r39507 r39573  
    25812581        $this->assertEquals( $panels_sorted, array_keys( $result ) );
    25822582    }
     2583
     2584    /**
     2585     * Verify sanitization of external header video URL will trim the whitespaces in the beginning and end of the URL.
     2586     *
     2587     * @ticket 39125
     2588     */
     2589    function test_sanitize_external_header_video_trim() {
     2590        $this->manager->register_controls();
     2591        $setting = $this->manager->get_setting( 'external_header_video' );
     2592        $video_url = 'https://www.youtube.com/watch?v=KiS8rZBeIO0';
     2593
     2594        $whitespaces = array(
     2595            ' ',  // space
     2596            "\t", // horizontal tab
     2597            "\n", // line feed
     2598            "\r", // carriage return,
     2599            "\f", // form feed,
     2600            "\v", // vertical tab
     2601        );
     2602
     2603        foreach ( $whitespaces as $whitespace  ) {
     2604            $sanitized = $setting->sanitize( $whitespace . $video_url . $whitespace );
     2605            $this->assertEquals( $video_url, $sanitized );
     2606        }
     2607    }
    25832608}
    25842609
Note: See TracChangeset for help on using the changeset viewer.