Changeset 47947
- Timestamp:
- 06/10/2020 04:34:18 PM (5 years ago)
- Location:
- trunk
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/default-filters.php
r47597 r47947 583 583 add_filter( 'the_excerpt_embed', 'wp_embed_excerpt_attachment' ); 584 584 585 add_filter( 'oembed_dataparse', 'wp_filter_oembed_iframe_title_attribute', 5, 3 ); 585 586 add_filter( 'oembed_dataparse', 'wp_filter_oembed_result', 10, 3 ); 586 add_filter( 'oembed_dataparse', 'wp_filter_oembed_iframe_title_attribute', 20, 3 );587 587 add_filter( 'oembed_response_data', 'get_oembed_response_data_rich', 10, 4 ); 588 588 add_filter( 'pre_oembed_result', 'wp_filter_pre_oembed_result', 10, 3 ); -
trunk/src/wp-includes/embed.php
r47832 r47947 807 807 $title = ! empty( $data->title ) ? $data->title : ''; 808 808 809 $pattern = '`<iframe[^>]*?title=(\\\\\'|\\\\"|[\'"])([^>]*?)\1`i'; 810 $has_title_attr = preg_match( $pattern, $result, $matches ); 811 812 if ( $has_title_attr && ! empty( $matches[2] ) ) { 813 $title = $matches[2]; 809 $pattern = '`<iframe([^>]*)>`i'; 810 if ( preg_match( $pattern, $result, $matches ) ) { 811 $attrs = wp_kses_hair( $matches[1], wp_allowed_protocols() ); 812 813 foreach ( $attrs as $attr => $item ) { 814 $lower_attr = strtolower( $attr ); 815 if ( $lower_attr === $attr ) { 816 continue; 817 } 818 if ( ! isset( $attrs[ $lower_attr ] ) ) { 819 $attrs[ $lower_attr ] = $item; 820 unset( $attrs[ $attr ] ); 821 } 822 } 823 } 824 825 if ( ! empty( $attrs['title']['value'] ) ) { 826 $title = $attrs['title']['value']; 814 827 } 815 828 … … 830 843 } 831 844 832 if ( $has_title_attr) {833 // Remove the old title, $matches[1]: quote, $matches[2]: title attribute value.834 $ result = str_replace( ' title=' . $matches[1] . $matches[2] . $matches[1], '', $result);835 }836 845 if ( isset( $attrs['title'] ) ) { 846 unset( $attrs['title'] ); 847 $attr_string = join( ' ', wp_list_pluck( $attrs, 'whole' ) ); 848 $result = str_replace( $matches[0], '<iframe ' . trim( $attr_string ) . '>', $result ); 849 } 837 850 return str_ireplace( '<iframe ', sprintf( '<iframe title="%s" ', esc_attr( $title ) ), $result ); 838 851 } -
trunk/tests/phpunit/tests/oembed/filterResult.php
r46586 r47947 94 94 } 95 95 96 public function _data_oembed_test_strings() { 97 return array( 98 array( 99 '<blockquote></blockquote><iframe title=""></iframe>', 100 '<blockquote class="wp-embedded-content"></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; clip: rect(1px, 1px, 1px, 1px);" title="Hola"></iframe>', 101 ), 102 array( 103 '<blockquote class="foo" id="bar"><strong><a href="" target=""></a></strong></blockquote><iframe width=123></iframe>', 104 '<blockquote class="wp-embedded-content"><a href=""></a></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; clip: rect(1px, 1px, 1px, 1px);" title="Hola" width="123"></iframe>', 105 ), 106 array( 107 '<blockquote><iframe width="100"></iframe></blockquote><iframe stitle="aaaa"></iframe>', 108 '<blockquote class="wp-embedded-content"><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; clip: rect(1px, 1px, 1px, 1px);" title="Hola" width="100"></iframe></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; clip: rect(1px, 1px, 1px, 1px);" title="Hola"></iframe>', 109 ), 110 array( 111 "<blockquote><iframe title=' width=\"'></iframe></blockquote><iframe title='' height=' title=' width=\"'' heigt='123'\"></iframe>", 112 '<blockquote class="wp-embedded-content"><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; clip: rect(1px, 1px, 1px, 1px);" title=" width=""></iframe></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; clip: rect(1px, 1px, 1px, 1px);" title=" width="" height=\' title=\' width="\'\' heigt=\'123\'"></iframe>', 113 ), 114 ); 115 } 116 117 /** 118 * @dataProvider _data_oembed_test_strings 119 */ 120 public function test_wp_filter_pre_oembed_custom_result( $html, $expected ) { 121 $data = (object) array( 122 'type' => 'rich', 123 'title' => 'Hola', 124 'html' => $html, 125 ); 126 $actual = _wp_oembed_get_object()->data2html( $data, 'https://untrusted.localhost' ); 127 $this->assertEquals( $expected, $actual ); 128 } 129 96 130 /** 97 131 * @group feed
Note: See TracChangeset
for help on using the changeset viewer.