Make WordPress Core

Opened 7 years ago

Closed 7 years ago

#39797 closed defect (bug) (fixed)

Customizer Preview JS Object triggers preview pane refresh on javascript behavior

Reported by: brianjfleming's profile brianjfleming Owned by: westonruter's profile westonruter
Milestone: 4.7.3 Priority: normal
Severity: normal Version: 4.7
Component: Customize Keywords: has-patch commit fixed-major
Focuses: javascript Cc:

Description

When rendering anchor tags in customizer, the customize-preview.js object injects customizer states into the href attributes of those links as follows. These seem to help affect the pane-refresh and customizer behavior within the preview pane.

<a href="https:/mywebsite.com/some-page-permalink/?customize_changeset_uuid=5b88a13f-e309-4c1d-9c30-6e1acdf46912&customize_messenger_channel=preview-0">

When the href attribute value is a standard anchor hash, the preview object appends nothing as the link does not need to have any sort of special behavior so-to-speak within the customizer preview pane.

<a href="#">

However, anchor tag hash behavior will dictate a jump to the top of the page which is often avoided in using a javascript: void(0); or similar href value, which customizer is hooking as a valid reference url and clicking that triggers a page refresh, which seems like unintended behavior.

<a href="javascript: void(0);?customize_changeset_uuid=5b88a13f-e309-4c1d-9c30-6e1acdf46912&customize_messenger_channel=preview-0">

Have also tried with href values of the following with the same results:

href="javascript:;"
href="javascript: return false;"

Attachments (2)

39797.0.diff (937 bytes) - added by westonruter 7 years ago.
39797.1.diff (1.0 KB) - added by westonruter 7 years ago.
Account for mailto: or any other non-HTTP/HTTPS link

Download all attachments as: .zip

Change History (10)

@westonruter
7 years ago

#1 @westonruter
7 years ago

  • Keywords has-patch needs-testing added
  • Milestone changed from Awaiting Review to 4.7.3
  • Owner set to westonruter
  • Status changed from new to accepted
  • Version changed from 4.7.1 to 4.7

@brianjfleming great catch. Please test 39797.0.diff. Thanks!

#2 @brianjfleming
7 years ago

@westonruter - 39797.0.diff was applied to where we were experiencing the issue and appears to fix the issue. Ran it through a series of case studies as well with expected behavior. Thank you for the fix.

@westonruter
7 years ago

Account for mailto: or any other non-HTTP/HTTPS link

#3 @westonruter
7 years ago

@brianjfleming I just realized that core is also not accounting for mailto: and other non-HTTP(s) links. Could you also please test 39797.1.diff?

#4 @brianjfleming
7 years ago

@westonruter Using the https test seems to clear up everything so far as anchor links as well as other prefixed protocols. Good catch!

#5 @westonruter
7 years ago

  • Keywords commit added; needs-testing removed

Thanks for testing!

#6 @westonruter
7 years ago

  • Resolution set to fixed
  • Status changed from accepted to closed

In 40064:

Customize: Skip intercepting non-HTTP(S) links in customizer preview just as jump links are ignored.

Ensures that links with javascript:, mailto: and other protocols work as expected in the customizer preview.

Fixes #39797.

#7 @westonruter
7 years ago

  • Keywords fixed-major added
  • Resolution fixed deleted
  • Status changed from closed to reopened

Re-opening for 4.7.3.

#8 @dd32
7 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 40096:

Customize: Skip intercepting non-HTTP(S) links in customizer preview just as jump links are ignored.

Ensures that links with javascript:, mailto: and other protocols work as expected in the customizer preview.

Props westonruter.
Merges [40064] to the 4.7 branch.
Fixes #39797.

Note: See TracTickets for help on using tickets.