Make WordPress Core

Changeset 50566


Ignore:
Timestamp:
03/23/2021 11:00:03 PM (4 years ago)
Author:
peterwilsoncc
Message:

Robots: Remove contradictory directive check in wp_robots().

Removes the mutually exclusive directives check in wp_robots(), ie allow both follow and nofollow to be specified and for archive and noarchive to be specified.

This fixes a bug in which WordPress would defer to the most permissive over the least permissive. When contradictory instructions are included, WordPress will defer to the search engine's or archivist's resolution policy: generally this is to observe the least, not most permissive.

Props Cybr, flixos90.
Fixes #52713.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/robots-template.php

    r50371 r50566  
    1616 *
    1717 * @since 5.7.0
     18 * @since 5.7.1 No longer prevents specific directives to occur together.
    1819 */
    1920function wp_robots() {
     
    3031     */
    3132    $robots = apply_filters( 'wp_robots', array() );
    32 
    33     // Don't allow mutually exclusive directives.
    34     if ( ! empty( $robots['follow'] ) ) {
    35         unset( $robots['nofollow'] );
    36     }
    37     if ( ! empty( $robots['nofollow'] ) ) {
    38         unset( $robots['follow'] );
    39     }
    40     if ( ! empty( $robots['archive'] ) ) {
    41         unset( $robots['noarchive'] );
    42     }
    43     if ( ! empty( $robots['noarchive'] ) ) {
    44         unset( $robots['archive'] );
    45     }
    4633
    4734    $robots_strings = array();
  • trunk/tests/phpunit/tests/robots.php

    r50370 r50566  
    7070        $output = get_echo( 'wp_robots' );
    7171        $this->assertContains( "'{$expected_directives_string}'", $output );
    72     }
    73 
    74     /**
    75      * @ticket 51511
    76      */
    77     public function test_wp_robots_includes_basic_sanitization_follow_nofollow() {
    78         // Only follow or nofollow can be present, with follow taking precedence.
    79         add_filter( 'wp_robots', array( $this, 'add_follow_directive' ) );
    80         add_filter( 'wp_robots', array( $this, 'add_nofollow_directive' ) );
    81         $output = get_echo( 'wp_robots' );
    82         $this->assertContains( "'follow'", $output );
    83 
    84         // Consider truthyness of the directive value though.
    85         // Here nofollow is true, follow is false.
    86         add_filter( 'wp_robots', array( $this, 'remove_follow_directive' ), 11 );
    87         add_filter( 'wp_robots', array( $this, 'add_nofollow_directive' ), 11 );
    88         $output = get_echo( 'wp_robots' );
    89         $this->assertContains( "'nofollow'", $output );
    90 
    91         // Consider truthyness of the directive value though.
    92         // Here follow is true, nofollow is false.
    93         add_filter( 'wp_robots', array( $this, 'add_follow_directive' ), 12 );
    94         add_filter( 'wp_robots', array( $this, 'remove_nofollow_directive' ), 12 );
    95         $output = get_echo( 'wp_robots' );
    96         $this->assertContains( "'follow'", $output );
    97     }
    98 
    99     /**
    100      * @ticket 51511
    101      */
    102     public function test_wp_robots_includes_basic_sanitization_archive_noarchive() {
    103         // Only archive or noarchive can be present, with archive taking precedence.
    104         add_filter( 'wp_robots', array( $this, 'add_archive_directive' ) );
    105         add_filter( 'wp_robots', array( $this, 'add_noarchive_directive' ) );
    106         $output = get_echo( 'wp_robots' );
    107         $this->assertContains( "'archive'", $output );
    108 
    109         // Consider truthyness of the directive value though.
    110         // Here noarchive is true, archive is false.
    111         add_filter( 'wp_robots', array( $this, 'remove_archive_directive' ), 11 );
    112         add_filter( 'wp_robots', array( $this, 'add_noarchive_directive' ), 11 );
    113         $output = get_echo( 'wp_robots' );
    114         $this->assertContains( "'noarchive'", $output );
    115 
    116         // Consider truthyness of the directive value though.
    117         // Here archive is true, noarchive is false.
    118         add_filter( 'wp_robots', array( $this, 'add_archive_directive' ), 12 );
    119         add_filter( 'wp_robots', array( $this, 'remove_noarchive_directive' ), 12 );
    120         $output = get_echo( 'wp_robots' );
    121         $this->assertContains( "'archive'", $output );
    12272    }
    12373
     
    208158        return $robots;
    209159    }
    210 
    211     public function add_follow_directive( array $robots ) {
    212         $robots['follow'] = true;
    213         return $robots;
    214     }
    215 
    216     public function remove_follow_directive( array $robots ) {
    217         $robots['follow'] = false;
    218         return $robots;
    219     }
    220 
    221     public function add_nofollow_directive( array $robots ) {
    222         $robots['nofollow'] = true;
    223         return $robots;
    224     }
    225 
    226     public function remove_nofollow_directive( array $robots ) {
    227         $robots['nofollow'] = false;
    228         return $robots;
    229     }
    230 
    231     public function add_archive_directive( array $robots ) {
    232         $robots['archive'] = true;
    233         return $robots;
    234     }
    235 
    236     public function remove_archive_directive( array $robots ) {
    237         $robots['archive'] = false;
    238         return $robots;
    239     }
    240 
    241     public function add_noarchive_directive( array $robots ) {
    242         $robots['noarchive'] = true;
    243         return $robots;
    244     }
    245 
    246     public function remove_noarchive_directive( array $robots ) {
    247         $robots['noarchive'] = false;
    248         return $robots;
    249     }
    250160}
Note: See TracChangeset for help on using the changeset viewer.