#53407 closed defect (bug) (fixed)
Widgets editor: HTML entities appear in Legacy Widget's description
Reported by: | ramonopoly | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 5.8 | Priority: | normal |
Severity: | normal | Version: | 5.8 |
Component: | REST API | Keywords: | has-patch has-unit-tests needs-refresh |
Focuses: | rest-api | Cc: |
Description
HTML entities appear in Legacy Widget's description. For example:
A monthly archive of your site’s Posts.
How to reproduce
- Head over to /wp-admin/themes.php?page=gutenberg-widgets and select a widget block.
- Check out the description in the inspector controls.
What I expected
The widget description in the block inspector should say "A monthly archive of your site’s Posts."
That is, with no encoded entities.
This is a duplicate report of GB31023, which was fixed in the plugin for sites running WP 5.7 in GB32503
cc @TimothyBJacobs @noisysocks
Attachments (1)
Change History (14)
This ticket was mentioned in PR #1371 on WordPress/wordpress-develop by ramonjd.
3 years ago
#2
- Keywords has-patch added; needs-patch removed
Trac ticket: https://core.trac.wordpress.org/ticket/53407
## Description
HTML entities appear in Legacy Widget's description. For example:
A monthly archive of your site’s Posts.
😱
This commit converts widget name and description HTML entities to their corresponding characters in the REST API response using html_entity_decode.
The decoding occurs before the call to prepare_item_for_response
which sanitizes the value.
### Before
<img width="324" alt="Screen Shot 2021-06-15 at 3 56 34 pm" src="https://user-images.githubusercontent.com/6458278/122031674-435f8a00-ce12-11eb-9034-66bdb2b3eadb.png">
### After
<img width="344" alt="Screen Shot 2021-06-15 at 3 57 04 pm" src="https://user-images.githubusercontent.com/6458278/122031708-48bcd480-ce12-11eb-9434-f294c1359f51.png">
## Testing
- Head over to
/wp-admin/themes.php?page=gutenberg-widgets
and select a widget block. - Check out the description in the inspector controls.
#3
in reply to:
↑ 1
@
3 years ago
Replying to spacedmonkey:
Might be related to #53138
Oh, I didn't see that. Thanks for pointing it out.
#53138 looks like it targets the source strings, whereas Github #1371 will decode all titles/description for the API response.
I'm happy to close this ticket if folks prefer. Cheers!
#4
@
3 years ago
- Component changed from Widgets to REST API
- Keywords has-unit-tests commit added
- Milestone changed from Awaiting Review to 5.8
Thanks @ramonopoly! The fix looks good to me. I think it's a more suitable alternative to #53138 as it is permitted that HTML entities can be in the title and description.
#6
@
3 years ago
- Owner set to SergeyBiryukov
- Resolution set to fixed
- Status changed from new to closed
In 51174:
#8
@
3 years ago
Coding Standards: Fix WPCS issue in [51174].
Thanks for spotting the extra spaces I'd left in there @SergeyBiryukov !
#9
@
3 years ago
- Keywords needs-refresh added; commit removed
- Resolution fixed deleted
- Status changed from closed to reopened
Is there a reason why single-quotes should not be decoded? For consistency with similar calls we should pass ENT_QUOTES
as the second argument and also set the encoding to the value of get_bloginfo( 'charset' )
.
#10
@
3 years ago
Is there a reason why single-quotes should not be decoded?
Ah, this was an oversight. Good spotting, thank you @ocean90
Just to confirm, we should change it to something like:
$widget['description'] = html_entity_decode( $widget['description'], ENT_QUOTES, get_bloginfo( 'charset' ) )
SergeyBiryukov commented on PR #1371:
3 years ago
#11
Thanks for the PR! Merged in https://core.trac.wordpress.org/changeset/51174.
SergeyBiryukov commented on PR #1371:
3 years ago
#13
The latest commits are now also merged in https://core.trac.wordpress.org/changeset/51183.
HTML entities appear in the Legacy Widget block's description.