Make WordPress Core

Changeset 49537


Ignore:
Timestamp:
11/08/2020 09:50:07 AM (4 years ago)
Author:
SergeyBiryukov
Message:

Site Health: Validate the test result data format in JS before using it.

This will discard any invalid responses instead of causing fatal errors.

It also makes badges optional, on the same basis as actions are optional. They are expected, but there may be situations where they are not present.

Props Clorith, dogwithblog, kraftbj, whyisjake, SergeyBiryukov.
Fixes #50145.

Location:
trunk/src
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/js/_enqueues/admin/site-health.js

    r49334 r49537  
    6767
    6868    /**
     69     * Validates the Site Health test result format.
     70     *
     71     * @since 5.6.0
     72     *
     73     * @param {Object} issue
     74     *
     75     * @return {boolean}
     76     */
     77    function validateIssueData( issue ) {
     78        // Expected minimum format of a valid SiteHealth test response.
     79        var minimumExpected = {
     80                test: 'string',
     81                label: 'string',
     82                description: 'string'
     83            },
     84            passed = true,
     85            key, value, subKey, subValue;
     86
     87        // If the issue passed is not an object, return a `false` state early.
     88        if ( 'object' !== typeof( issue ) ) {
     89            return false;
     90        }
     91
     92        // Loop over expected data and match the data types.
     93        for ( key in minimumExpected ) {
     94            value = minimumExpected[ key ];
     95
     96            if ( 'object' === typeof( value ) ) {
     97                for ( subKey in value ) {
     98                    subValue = value[ subKey ];
     99
     100                    if ( 'undefined' === typeof( issue[ key ] ) ||
     101                        'undefined' === typeof( issue[ key ][ subKey ] ) ||
     102                        subValue !== typeof( issue[ key ][ subKey ] )
     103                    ) {
     104                        passed = false;
     105                    }
     106                }
     107            } else {
     108                if ( 'undefined' === typeof( issue[ key ] ) ||
     109                    value !== typeof( issue[ key ] )
     110                ) {
     111                    passed = false;
     112                }
     113            }
     114        }
     115
     116        return passed;
     117    }
     118
     119    /**
    69120     * Appends a new issue to the issue list.
    70121     *
     
    78129            heading,
    79130            count;
     131
     132        /*
     133         * Validate the issue data format before using it.
     134         * If the output is invalid, discard it.
     135         */
     136        if ( ! validateIssueData( issue ) ) {
     137            return false;
     138        }
    80139
    81140        SiteHealth.site_status.issues[ issue.status ]++;
  • trunk/src/wp-admin/site-health.php

    r47529 r49537  
    145145        <button aria-expanded="false" class="health-check-accordion-trigger" aria-controls="health-check-accordion-block-{{ data.test }}" type="button">
    146146            <span class="title">{{ data.label }}</span>
    147             <span class="badge {{ data.badge.color }}">{{ data.badge.label }}</span>
     147            <# if ( data.badge ) { #>
     148                <span class="badge {{ data.badge.color }}">{{ data.badge.label }}</span>
     149            <# } #>
    148150            <span class="icon"></span>
    149151        </button>
Note: See TracChangeset for help on using the changeset viewer.