WordPress.org

Make WordPress Core

Opened 14 months ago

Closed 13 months ago

Last modified 13 months ago

#44113 closed defect (bug) (fixed)

Add `esc_html` to assertion in test_wp_comments_personal_data_exporter

Reported by: mermel Owned by: azaozz
Milestone: 4.9.7 Priority: normal
Severity: minor Version: 4.9.6
Component: Privacy Keywords: has-patch commit
Focuses: Cc:

Description

The line in `test_wp_comments_personal_data_exporter:

$this->assertSame( get_comment_link( $comment_id ), strip_tags( $actual['data'][0]['data'][7]['value'] ) );

needs to be updated to:

$this->assertSame( esc_html( get_comment_link( $comment_id ) ), strip_tags( $actual['data'][0]['data'][7]['value'] ) );.

This is due to this change in 4.9.6 which escapes comment URLs in personal export files. The test is not currently failing because there is nothing to escape in the provided test link. If an install is configured to allow cpage as an arg and an ampersand is added to the link, this test will fail.

Attachments (1)

44113.patch (782 bytes) - added by 1naveengiri 14 months ago.
Added a patch

Download all attachments as: .zip

Change History (10)

#1 @iandunn
14 months ago

  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to 4.9.6
  • Status changed from new to assigned

Thanks for catching that!

@1naveengiri
14 months ago

Added a patch

#2 @1naveengiri
14 months ago

  • Keywords has-patch added; needs-patch removed

#3 @desrosj
14 months ago

  • Component changed from Comments to Privacy

Moving to the new Privacy component.

#4 @casiepa
14 months ago

  • Milestone changed from 4.9.6 to 4.9.7

Bug moved to milestone 4.9.7

#5 @desrosj
14 months ago

  • Keywords commit added

Looks good to me.

#6 @desrosj
14 months ago

  • Version changed from trunk to 4.9.6

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


13 months ago

#8 @azaozz
13 months ago

  • Owner set to azaozz
  • Resolution set to fixed
  • Status changed from assigned to closed

In 43371:

Privacy: add esc_html to assertion in test_wp_comments_personal_data_exporter.

Props mermel, 1naveengiri.
Fixes #44113.

#9 @azaozz
13 months ago

In 43372:

Privacy: add esc_html to assertion in test_wp_comments_personal_data_exporter.

Props mermel, 1naveengiri.
Merges [43371] to the 4.9 branch.
Fixes #44113.

Note: See TracTickets for help on using tickets.