Make WordPress Core

Opened 6 years ago

Last modified 3 months ago

#43785 new defect (bug)

wptexturize fails to skip JavaScript if code contains <

Reported by: nextendweb's profile nextendweb Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version:
Component: Formatting Keywords: wptexturize needs-patch needs-unit-tests
Focuses: Cc:

Description

As the documentation states: Text enclosed in the tags <pre>, <code>, <kbd>, <style>, <script>, and <tt> will be skipped

If the script tag contains < character inside, then the wptexturize functions fails and starts to encode the codes.

<?php
echo wptexturize('<script type="text/javascript">window&&document</script>');
//Result: <script type="text/javascript">if(a>b)window&&document</script>
// OK

wptexturize -> preg_split -> $textarr value:

Array
(
    [0] => <script type="text/javascript">
    [1] => if(a>b)window&&document
    [2] => </script>
)

<?php
echo wptexturize('<script type="text/javascript">if(a>b)window&&document</script>');
//Result: <script type="text/javascript">window&&document</script>
// OK

wptexturize -> preg_split -> $textarr value:

Array
(
    [0] => <script type="text/javascript">
    [1] => window&&document
    [2] => </script>
)

<?php
echo wptexturize('<script type="text/javascript">if(a<b)window&&document</script>');
//Result: <script type="text/javascript">if(a<b)window&#038;&#038;document</script>
// ERROR

wptexturize -> preg_split -> $textarr value:

Array
(
    [0] => <script type="text/javascript">
    [1] => if(a
    [2] => <b)window&&document</script>
)

&& characters encoded into &#038;&#038; which breaks the JavaScript code.

This issue can happen if shortcode inserted into the editor and the editor value rendered with the wptexturize function and the shortcode contains JavaScript code.


More tests which works as expected:

<?php
echo wptexturize('<script type="text/javascript">$("<div/>").length&&document</script>');
echo wptexturize('<script type="text/javascript">$("<div></div>").length&&document</script>');

Change History (4)

#1 @sabernhardt
3 months ago

#49480 was marked as a duplicate.

#2 @sabernhardt
3 months ago

#50461 was marked as a duplicate.

#3 @sabernhardt
3 months ago

#61540 was marked as a duplicate.

#4 @sabernhardt
3 months ago

  • Keywords wptexturize needs-patch needs-unit-tests added
  • Milestone changed from Awaiting Review to Future Release

This likely started in 4.4.1 because it is caused by the regex added in [36036].

The wptexturize() function already skips HTML comments (checking for <!--), but it does not continue if the < is between <script and </script>. (That might be achievable with the HTML API.)

Unit tests should be updated to account for multiple ampersand possibilities within a script tag.

Note: See TracTickets for help on using tickets.