WordPress.org

Make WordPress Core

Opened 11 months ago

Closed 10 months ago

Last modified 10 months ago

#44113 closed defect (bug) (fixed)

Add `esc_html` to assertion in test_wp_comments_personal_data_exporter

Reported by: mermel Owned by: azaozz
Milestone: 4.9.7 Priority: normal
Severity: minor Version: 4.9.6
Component: Privacy Keywords: has-patch commit
Focuses: Cc:

Description

The line in `test_wp_comments_personal_data_exporter:

$this->assertSame( get_comment_link( $comment_id ), strip_tags( $actual['data'][0]['data'][7]['value'] ) );

needs to be updated to:

$this->assertSame( esc_html( get_comment_link( $comment_id ) ), strip_tags( $actual['data'][0]['data'][7]['value'] ) );.

This is due to this change in 4.9.6 which escapes comment URLs in personal export files. The test is not currently failing because there is nothing to escape in the provided test link. If an install is configured to allow cpage as an arg and an ampersand is added to the link, this test will fail.

Attachments (1)

44113.patch (782 bytes) - added by 1naveengiri 11 months ago.
Added a patch

Download all attachments as: .zip

Change History (10)

#1 @iandunn
11 months ago

  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to 4.9.6
  • Status changed from new to assigned

Thanks for catching that!

@1naveengiri
11 months ago

Added a patch

#2 @1naveengiri
11 months ago

  • Keywords has-patch added; needs-patch removed

#3 @desrosj
11 months ago

  • Component changed from Comments to Privacy

Moving to the new Privacy component.

#4 @casiepa
11 months ago

  • Milestone changed from 4.9.6 to 4.9.7

Bug moved to milestone 4.9.7

#5 @desrosj
11 months ago

  • Keywords commit added

Looks good to me.

#6 @desrosj
11 months ago

  • Version changed from trunk to 4.9.6

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


10 months ago

#8 @azaozz
10 months ago

  • Owner set to azaozz
  • Resolution set to fixed
  • Status changed from assigned to closed

In 43371:

Privacy: add esc_html to assertion in test_wp_comments_personal_data_exporter.

Props mermel, 1naveengiri.
Fixes #44113.

#9 @azaozz
10 months ago

In 43372:

Privacy: add esc_html to assertion in test_wp_comments_personal_data_exporter.

Props mermel, 1naveengiri.
Merges [43371] to the 4.9 branch.
Fixes #44113.

Note: See TracTickets for help on using tickets.