Changeset 60617

Timestamp:

08/07/2025 08:31:07 AM (6 months ago)

Author:

jonsurrell

Message:

HTML API: Reduce length checks in skip_script_data.

Apply an optimization to remove several repeated string length checks in WP_HTML_Tag_Processor::skip_script_data().

Developed in ​https://github.com/WordPress/wordpress-develop/pull/9230.

Props jonsurrell, dmsnell.
See #63738.

Location:

trunk

Files:

• src/wp-includes/html-api/class-wp-html-tag-processor.php (modified) (7 diffs)
• tests/phpunit/tests/html-api/wpHtmlTagProcessor.php (modified) (1 diff)

trunk/src/wp-includes/html-api/class-wp-html-tag-processor.php

@@ -1498 +1498 @@
 
             /*
+             * Optimization: Terminating a complete script element requires at least eight
+             * additional bytes in the document. Some checks below may cause local escaped
+             * state transitions when processing shorter strings, but those transitions are
+             * irrelevant if the script tag is incomplete and the function must return false.
+             *
+             * This may need updating if those transitions become significant or exported from
+             * this function in some way, such as when building safe methods to embed JavaScript
+             * or data inside a SCRIPT element.
+             *
+             *     $at may be here.
+             *        ↓
+             *     ...</script>
+             *         ╰──┬───╯
+             *     $at + 8 additional bytes are required for a non-false return value.
+             *
+             * This single check eliminates the need to check lengths for the shorter spans:
+             *
+             *           $at may be here.
+             *                  ↓
+             *     <script><!-- --></script>
+             *                   ├╯
+             *             $at + 2 additional characters does not require a length check.
+             *
+             * The transition from "escaped" to "unescaped" is not relevant if the document ends:
+             *
+             *           $at may be here.
+             *                  ↓
+             *     <script><!-- -->[[END-OF-DOCUMENT]]
+             *                   ╰──┬───╯
+             *             $at + 8 additional bytes is not satisfied, return false.
+             */
+            if ( $at + 8 >= $doc_length ) {
+                return false;
+            }
+
+            /*
              * For all script states a "-->"  transitions
              * back into the normal unescaped script mode,
@@ -1503 +1539 @@
              */
             if (
-                $at + 2 < $doc_length &&
                 '-' === $html[ $at ] &&
                 '-' === $html[ $at + 1 ] &&
@@ -1511 +1546 @@
                 $state = 'unescaped';
                 continue;
-            }
-
-            if ( $at + 1 >= $doc_length ) {
-                return false;
             }
 
@@ -1538 +1569 @@
              */
             if (
-                $at + 2 < $doc_length &&
                 '!' === $html[ $at ] &&
                 '-' === $html[ $at + 1 ] &&
@@ -1562 +1592 @@
              */
             if ( ! (
-                $at + 6 < $doc_length &&
                 ( 's' === $html[ $at ] || 'S' === $html[ $at ] ) &&
                 ( 'c' === $html[ $at + 1 ] || 'C' === $html[ $at + 1 ] ) &&
@@ -1580 +1609 @@
              * "<script" is found within the text.
              */
-            if ( $at + 6 >= $doc_length ) {
-                continue;
-            }
             $at += 6;
             $c   = $html[ $at ];
@@ -1612 +1638 @@
 
                 if ( $this->bytes_already_parsed >= $doc_length ) {
-                    $this->parser_state = self::STATE_INCOMPLETE_INPUT;
-
                     return false;
                 }

trunk/tests/phpunit/tests/html-api/wpHtmlTagProcessor.php

@@ -1979 +1979 @@
                 '<script class="d-md-none"><!--<script>--><scRipt><span><!--<span><Script</script>--></scripT><div></div>-->',
             ),
+        );
+    }
+
+    /**
+     * Test that script tags are parsed correctly.
+     *
+     * Script tag parsing is very complicated, see the following resources for more details:
+     *
+     * - https://html.spec.whatwg.org/multipage/parsing.html#script-data-state
+     * - https://html.spec.whatwg.org/multipage/scripting.html#restrictions-for-contents-of-script-elements
+     *
+     * @ticket 63738
+     *
+     * @dataProvider data_script_tag
+     */
+    public function test_script_tag_parsing( string $input, bool $closes ) {
+        $processor = new WP_HTML_Tag_Processor( $input );
+
+        if ( $closes ) {
+            $this->assertTrue( $processor->next_token(), 'Expected to find complete script tag.' );
+            $this->assertSame( 'SCRIPT', $processor->get_tag() );
+            return;
+        }
+
+        $this->assertFalse( $processor->next_token(), 'Expected to fail next_token().' );
+        $this->assertTrue( $processor->paused_at_incomplete_token(), 'Expected an incomplete SCRIPT tag token.' );
+    }
+
+    /**
+     * Data provider.
+     */
+    public static function data_script_tag(): array {
+        return array(
+            'Basic script tag'                          => array( '<script></script>', true ),
+            'Script with type attribute'                => array( '<script type="text/javascript"></script>', true ),
+            'Script data escaped'                       => array( '<script><!--</script>', true ),
+            'Script data double-escaped exit (comment)' => array( '<script><!--<script>--></script>', true ),
+            'Script data double-escaped exit (closed)'  => array( '<script><!--<script></script></script>', true ),
+            'Script data double-escaped exit (closed/truncated)' => array( '<script><!--<script></script </script>', true ),
+            'Script data no double-escape'              => array( '<script><!-- --><script></script>', true ),
+
+            'Script tag with self-close flag (ignored)' => array( '<script />', false ),
+            'Script data double-escaped'                => array( '<script><!--<script></script>', false ),
         );
     }