WordPress.org
Get WordPress

Make WordPress Core

Opened 4 weeks ago

Closed 13 days ago

Last modified 13 days ago

#64089 closed defect (bug) (fixed)

Post titles containing non-breaking hyphens are not sanitized

Reported by: patpiwo's profile patpiwo Owned by: westonruter's profile westonruter
Milestone: 6.9 Priority: normal
Severity: trivial Version: 4.5
Component: Formatting Keywords: has-patch has-unit-tests
Focuses: Cc:

Description

The sanitize_title_with_dashes function is lacking sanitization of non-breaking hyphens.

Attachments (1)

64089.diff (1008 bytes) - added by patpiwo 4 weeks ago.

Download all attachments as: .zip

Change History (11)

@patpiwo
4 weeks ago

This ticket was mentioned in PR #10204 on WordPress/wordpress-develop by @patpiwo.
4 weeks ago #1

Adds URL-encoded non-breaking hyphen () to the list of characters converted to regular hyphens in sanitize_title_with_dashes()

Fixes ticket #64089

Trac ticket:

#2 follow-up: @westonruter
4 weeks ago

  • Keywords needs-unit-tests added
  • Milestone changed from Awaiting Review to 6.9

Thanks for opening this and for the PR!

I'm curious how you encountered this issue? Would there be other hyphen-like characters which would be suitable for turning into hyphens?

#4 @westonruter
2 weeks ago

  • Owner set to westonruter
  • Status changed from new to reviewing

#5 in reply to: ↑ 2 @patpiwo
2 weeks ago

Replying to westonruter:

Thanks for opening this and for the PR!

I'm curious how you encountered this issue? Would there be other hyphen-like characters which would be suitable for turning into hyphens?

Thanks for your quick feedback!

I encountered the issue when a user used the non-breaking hyphen in their post title. The non-breaking hyphen was used within a hyphenated product name which I assume they didn't want broken between lines. I'm guessing they copied it from some sort of marketing material but I'm not really sure.

As far as other hyphens go, I don't know if I have the knowlege to answer that question. I see 13 different characters listed under dash punctuation and I'm hesitant to broaden the scope of this fix unecessarily without knowing which dashes are common enough to be covered. If you have insight into this feel free to suggest or make any changes.

Last edited 2 weeks ago by patpiwo (previous) (diff)

@westonruter commented on PR #10204:
2 weeks ago #6

I wanted to take this as an opportunity to improve maintenance of this going forward so I've added ff2d2a7. This is begging for a review from @dmsnell!

#7 @westonruter
2 weeks ago

  • Keywords has-unit-tests added; needs-unit-tests removed
  • Version changed from trunk to 4.5

Follow-up to [18705] (5c6b6c0), [36775] (13e409a).

See #31790, #10797.

#8 @westonruter
13 days ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 61061:

Formatting: Replace non-breaking hyphens (U+2011) with hyphens in sanitize_title_with_dashes().

Developed in https://github.com/WordPress/wordpress-develop/pull/10204

Follow-up to [18705], [36775].

Props patpiwo, westonruter, dmsnell.
See #31790, #10797.
Fixes #64089.

#9 @westonruter
13 days ago

Follow-up ticket to improve robustness: #64151

@westonruter commented on PR #10204:
13 days ago #10

Committed in r61061

Note: See TracTickets for help on using tickets.