Make WordPress Core

Opened 8 years ago

Closed 8 years ago

#37623 closed defect (bug) (fixed)

Import screen: Success message contains escaped HTML

Reported by: pavelevap's profile pavelevap Owned by: ocean90's profile ocean90
Milestone: 4.6 Priority: normal
Severity: normal Version: 4.6
Component: Import Keywords: has-patch commit
Focuses: javascript, administration Cc:

Description

See attached screenshot.

Attachments (5)

Importer_message.png (7.4 KB) - added by pavelevap 8 years ago.
37623.diff (810 bytes) - added by swissspidy 8 years ago.
37623.2.diff (1.2 KB) - added by swissspidy 8 years ago.
37623.3.diff (1.2 KB) - added by swissspidy 8 years ago.
37623.4.diff (1.2 KB) - added by ocean90 8 years ago.

Download all attachments as: .zip

Change History (17)

#1 @ocean90
8 years ago

  • Component changed from General to Import
  • Focuses javascript administration added
  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to 4.6
  • Summary changed from Strange message when installing importer to Import screen: Success message contains escaped HTML

#2 @swissspidy
8 years ago

Introduced in [38206]

@swissspidy
8 years ago

#3 @swissspidy
8 years ago

  • Keywords has-patch added; needs-patch removed
  • Owner set to ocean90
  • Status changed from new to reviewing

#4 @janhenckens
8 years ago

Patch tested, looks good on my end.

@swissspidy
8 years ago

#5 @pavelevap
8 years ago

Anyway, is this message needed when there is inline update with aria notices?

@swissspidy
8 years ago

#6 @swissspidy
8 years ago

  • Keywords needs-testing added

New patch uploaded with different way of escaping.

@pavelevap Yes, because there aren't inline notices on every screen.

@ocean90
8 years ago

#7 @pavelevap
8 years ago

But screen with importers has inline notices and this message is special only for this screen (so it is redundant)? But probably I am missing something :-)

#8 @azaozz
8 years ago

  • Keywords commit added; needs-testing removed

37623.4.diff works as expected.

#9 @DrewAPicture
8 years ago

37623.4.diff Works as expected here too.

https://cl.ly/370c3M003N3m/Screen%20Shot%202016-08-10%20at%2012.41.48%20PM.png

#10 @azaozz
8 years ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 38240:

Update/Install error messages: do not escape from the template, escape the error message string before inserting it.

Props swissspidy, ocean90.
Fixes #37623 for trunk.

#11 @azaozz
8 years ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

Reopen for 4.6.

#12 @azaozz
8 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 38241:

Update/Install error messages: do not escape from the template, escape the error message string before inserting it.

Props swissspidy, ocean90.
Fixes #37623 for 4.6.

Note: See TracTickets for help on using tickets.