WordPress.org

Make WordPress Core

Changeset 50370


Ignore:
Timestamp:
02/16/2021 11:36:44 PM (7 months ago)
Author:
peterwilsoncc
Message:

General: Add noindex robots meta tag to search results.

Prevent search engines indexing internal search results to protect against reflected web spam attacks.

Props abagtcs, audrasjb, ayeshrajans, burtrw, johnbillion, jonoaldersonwp, peterwilsoncc, poena, sabernhardt, xkon.
Fixes #52457

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/default-filters.php

    r50131 r50370  
    239239// Robots filters.
    240240add_filter( 'wp_robots', 'wp_robots_noindex' );
     241add_filter( 'wp_robots', 'wp_robots_noindex_search' );
    241242add_filter( 'wp_robots', 'wp_robots_max_image_preview_large' );
    242243
  • trunk/src/wp-includes/robots-template.php

    r50078 r50370  
    8989
    9090/**
     91 * Adds noindex to the robots meta tag if a search is being performed.
     92 *
     93 * If a search is being performed then noindex will be output to
     94 * tell web robots not to index the page content. Add this to the
     95 * {@see 'wp_robots'} filter.
     96 *
     97 * Typical usage is as a {@see 'wp_robots'} callback:
     98 *
     99 *     add_filter( 'wp_robots', 'wp_robots_noindex_search' );
     100 *
     101 * @since 5.7.0
     102 * @see wp_robots_no_robots()
     103 *
     104 * @param array $robots Associative array of robots directives.
     105 * @return array Filtered robots directives.
     106 */
     107function wp_robots_noindex_search( array $robots ) {
     108    if ( is_search() ) {
     109        return wp_robots_no_robots( $robots );
     110    }
     111
     112    return $robots;
     113}
     114
     115/**
    91116 * Adds noindex to the robots meta tag.
    92117 *
  • trunk/tests/phpunit/tests/robots.php

    r50284 r50370  
    177177    }
    178178
     179    /**
     180     * @ticket 52457
     181     */
     182    public function test_wp_robots_search_page() {
     183        add_filter( 'wp_robots', 'wp_robots_noindex_search' );
     184        $this->go_to( home_url( '?s=ticket+52457+core.trac.wordpress.org' ) );
     185
     186        $output = get_echo( 'wp_robots' );
     187        $this->assertContains( 'noindex', $output );
     188    }
     189
     190    /**
     191     * @ticket 52457
     192     */
     193    public function test_wp_robots_non_search_page() {
     194        add_filter( 'wp_robots', 'wp_robots_noindex_search' );
     195        $this->go_to( home_url() );
     196
     197        $output = get_echo( 'wp_robots' );
     198        $this->assertNotContains( 'noindex', $output );
     199    }
     200
    179201    public function add_noindex_directive( array $robots ) {
    180202        $robots['noindex'] = true;
Note: See TracChangeset for help on using the changeset viewer.