WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
04/08/2019 11:17:35 PM (6 years ago)
Author:
pento
Message:

Widgets: Add rel="noopener noreferrer" to links with target="_blank" in the Text and HTML widgets.

Props audrasjb, birgire, mukesh27.
Fixes #46421.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/tests/widgets/text-widget.php

    r44578 r45143  
    10021002        $this->assertContains( '<script type="text/html" id="tmpl-widget-text-control-fields">', $output );
    10031003    }
     1004
     1005    /**
     1006     * Ensure that rel="noopener noreferrer" is added to links with a target.
     1007     *
     1008     * @ticket 46421
     1009     */
     1010    function test_render_links_with_target() {
     1011        $widget = new WP_Widget_Text();
     1012
     1013        $text = 'Test content with an external <a href="https://example.org" target="_blank">link</a>.';
     1014
     1015        $args = array(
     1016            'before_title'  => '<h2>',
     1017            'after_title'   => '</h2>',
     1018            'before_widget' => '',
     1019            'after_widget'  => '',
     1020        );
     1021
     1022        $instance = array(
     1023            'title' => 'Foo',
     1024            'text'  => $text,
     1025        );
     1026
     1027        $output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
     1028
     1029        $this->assertContains( 'rel="noopener noreferrer"', $output );
     1030    }
     1031
     1032    /**
     1033     * Ensure that rel="noopener noreferrer" is not added to links without a target.
     1034     *
     1035     * @ticket 46421
     1036     */
     1037    function test_render_links_without_target() {
     1038        $widget = new WP_Widget_Text();
     1039
     1040        $text = 'Test content with an internal <a href="/">link</a>.';
     1041
     1042        $args = array(
     1043            'before_title'  => '<h2>',
     1044            'after_title'   => '</h2>',
     1045            'before_widget' => '',
     1046            'after_widget'  => '',
     1047        );
     1048
     1049        $instance = array(
     1050            'title' => 'Foo',
     1051            'text'  => $text,
     1052        );
     1053
     1054        $output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
     1055
     1056        $this->assertNotContains( 'rel="noopener noreferrer"', $output );
     1057    }
    10041058}
Note: See TracChangeset for help on using the changeset viewer.