Make WordPress Core

Opened 7 months ago

Closed 7 months ago

Last modified 6 months ago

#59480 closed defect (bug) (fixed)

Harden/modernize JS in WP_Customize_Manager::remove_frameless_preview_messenger_channel()

Reported by: westonruter's profile westonruter Owned by: nicolefurlan's profile nicolefurlan
Milestone: 6.4 Priority: low
Severity: normal Version: 4.7
Component: Customize Keywords: has-patch has-testing-info
Focuses: javascript Cc:

Description

As pointed out by @dmsnell a PR comment for #58664, the JS logic in WP_Customize_Manager::remove_frameless_preview_messenger_channel() can be hardened/modernized. We can leverage URLSearchParams as well as URL rather than hacking with document.createElement('a'). This is similar to what was done for wp-embed in r56383.

Attachments (1)

59480.diff (1.2 KB) - added by nicolefurlan 7 months ago.
Patch for #59480

Download all attachments as: .zip

Change History (12)

#1 @binsaifullah
7 months ago

yes, it can be done, I think so.

This ticket was mentioned in PR #5345 on WordPress/wordpress-develop by @nicolefurlan.


7 months ago
#2

  • Keywords has-patch added; needs-patch removed

Hardens/modernizes the JavaScript in WP_Customize_Manager::remove_frameless_preview_messenger_channel(), leveraging URL instead of document.createElement('a').

Trac ticket: https://core.trac.wordpress.org/ticket/59480

#3 @nicolefurlan
7 months ago

  • Keywords has-testing-info needs-testing added
  • Owner set to nicolefurlan
  • Status changed from new to assigned

Testing Instructions

  1. On /wp-admin/themes.php, live preview a theme that does not use full site editing (Twenty Twenty-One or older) by clicking "Live Preview" on one of the themes.
  2. On /wp-admin/customize.php, open up dev tools and inspect the DOM to find the iframe within #customize-preview.
  3. Open the URL in the data-src attribute in a new tab.
  4. Verify that the customize_messenger_channel URL parameter is removed, and that the admin bar is shown.

This ticket was mentioned in Slack in #core-test by nicolefurlan. View the logs.


7 months ago

#5 follow-up: @westonruter
7 months ago

@nicolefurlan Thank you for the patch! FYI: No need to attach a patch as you can see the GitHub PR is automatically linked above. I'll review your PR.

#6 in reply to: ↑ 5 @nicolefurlan
7 months ago

Replying to westonruter:

@nicolefurlan Thank you for the patch! FYI: No need to attach a patch as you can see the GitHub PR is automatically linked above. I'll review your PR.

Thank you! That's good to know. This was my first core contribution so I wasn't totally sure :)

@nicolefurlan
7 months ago

Patch for #59480

#7 @nicolefurlan
7 months ago

@westonruter I did update the patch in this ticket to reflect the changes we discussed in the PR, just to make sure things stay consistent. But going forward, I won't bother adding a patch. 👍

#8 @westonruter
7 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 56749:

Customize: Harden and modernize URL manipulation in WP_Customize_Manager::remove_frameless_preview_messenger_channel().

Since IE11 is no longer supported, the URL and URLSearchParams APIs can now be leveraged for simpler and more robust URL manipulation. This was done similarly in [56383] for embed.js.

Props nicolefurlan, dmsnell, westonruter.
Fixes #59480.

@westonruter commented on PR #5345:


7 months ago
#9

Committed in r56749. Congratulations on your first core contribution!

#10 follow-up: @webcommsat
6 months ago

@westonruter as this ticket is closed as a fix, does it still needs its other keywords listed, eg good first bug, needs testing etc? I am just going through tickets in the milestone by component to re-check for the Field Guide and Dev notes, and came across this. Thanks.

#11 in reply to: ↑ 10 @westonruter
6 months ago

  • Keywords good-first-bug needs-testing removed

Replying to webcommsat:

@westonruter as this ticket is closed as a fix, does it still needs its other keywords listed, eg good first bug, needs testing etc? I am just going through tickets in the milestone by component to re-check for the Field Guide and Dev notes, and came across this. Thanks.

I removed good-first-bug and needs-testing.

Note: See TracTickets for help on using tickets.