mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-07-01 15:50:09 +00:00
In wptexturize() + tests:
* Allow well-formed HTML inside of shortcode attributes * Restrict recursion. HTML is allowed but ignored. * Do not allow exotic HTML comments in shortcode attributes. * Continue to ignore the [ and ] chars if they appear in any HTML attribute. * Update related regex patterns. * Update unit tests. Props miqrogroove. Fixes #28564. git-svn-id: https://develop.svn.wordpress.org/trunk@28773 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
@@ -1145,6 +1145,10 @@ class Tests_Formatting_WPTexturize extends WP_UnitTestCase {
|
||||
|
||||
function data_tag_avoidance() {
|
||||
return array(
|
||||
array(
|
||||
'[ is it wise to <a title="allow user content ] here? hmm"> maybe </a> ]',
|
||||
'[ is it wise to <a title="allow user content ] here? hmm"> maybe </a> ]',
|
||||
),
|
||||
array(
|
||||
'[ photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy </a> ]',
|
||||
'[ photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy </a> ]',
|
||||
@@ -1194,8 +1198,8 @@ class Tests_Formatting_WPTexturize extends WP_UnitTestCase {
|
||||
'[gallery …',
|
||||
),
|
||||
array(
|
||||
'[gallery <br ... /> ...]', // This tag is still valid. Shortcode 'attributes' are not considered in the initial parsing of shortcodes, and HTML is allowed.
|
||||
'[gallery <br ... /> ...]',
|
||||
'[gallery <br ... /> …]',
|
||||
),
|
||||
array(
|
||||
'<br [gallery ...] ... />',
|
||||
@@ -1234,8 +1238,8 @@ class Tests_Formatting_WPTexturize extends WP_UnitTestCase {
|
||||
'[/gallery ...]]',
|
||||
),
|
||||
array(
|
||||
'[[gallery <br ... /> ...]]', // This gets parsed as an escaped shortcode with embedded HTML. Brains may explode.
|
||||
'[[gallery <br ... /> ...]]',
|
||||
'[[gallery <br ... /> …]]',
|
||||
),
|
||||
array(
|
||||
'<br [[gallery ...]] ... />',
|
||||
|
||||
Reference in New Issue
Block a user