From 855bbef616d66e3009b5e91fd4f3a676752ce792 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 17 Jun 2021 11:28:55 +0000 Subject: [PATCH] REST API: Decode HTML entities in widget names and descriptions in widget types controller. Follow-up to [50995]. Props ramonopoly, noisysocks, spacedmonkey, justinahinon, audrasjb, SergeyBiryukov. Fixes #53407. git-svn-id: https://develop.svn.wordpress.org/trunk@51174 602fd350-edb4-49c9-b593-d223f7449a82 --- .../class-wp-rest-widget-types-controller.php | 12 ++++++++-- .../rest-api/rest-widget-types-controller.php | 22 ++++++++++++++++++- 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-widget-types-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-widget-types-controller.php index f09277c173..0578c06f69 100644 --- a/src/wp-includes/rest-api/endpoints/class-wp-rest-widget-types-controller.php +++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-widget-types-controller.php @@ -210,8 +210,16 @@ class WP_REST_Widget_Types_Controller extends WP_REST_Controller { $parsed_id = wp_parse_widget_id( $widget['id'] ); $widget_object = $wp_widget_factory->get_widget_object( $parsed_id['id_base'] ); - $widget['id'] = $parsed_id['id_base']; - $widget['is_multi'] = (bool) $widget_object; + $widget['id'] = $parsed_id['id_base']; + $widget['is_multi'] = (bool) $widget_object; + + if ( isset( $widget['name'] ) ) { + $widget['name'] = html_entity_decode( $widget['name'] ); + } + + if ( isset( $widget['description'] ) ) { + $widget['description'] = html_entity_decode( $widget['description'] ); + } unset( $widget['callback'] ); diff --git a/tests/phpunit/tests/rest-api/rest-widget-types-controller.php b/tests/phpunit/tests/rest-api/rest-widget-types-controller.php index d415294759..d19daebdad 100644 --- a/tests/phpunit/tests/rest-api/rest-widget-types-controller.php +++ b/tests/phpunit/tests/rest-api/rest-widget-types-controller.php @@ -198,6 +198,27 @@ class WP_Test_REST_Widget_Types_Controller extends WP_Test_REST_Controller_Testc $this->assertErrorResponse( 'rest_widget_type_invalid', $response, 404 ); } + /** + * @ticket 53407 + */ + public function test_get_widgets_decodes_html_entities() { + wp_set_current_user( self::$admin_id ); + $widget_id = 'archives'; + wp_register_sidebar_widget( + $widget_id, + 'Legacy ‑ Archive ‑ Widget', + function() {}, + array( + 'description' => 'A great & interesting archive of your site’s posts!', + ) + ); + $request = new WP_REST_Request( 'GET', '/wp/v2/widget-types/archives' ); + $response = rest_get_server()->dispatch( $request ); + $data = $response->get_data(); + $this->assertSame( 'Legacy ‑ Archive ‑ Widget', $data['name'] ); + $this->assertSame( 'A great & interesting archive of your site’s posts!', $data['description'] ); + } + /** * @ticket 41683 */ @@ -492,7 +513,6 @@ class WP_Test_REST_Widget_Types_Controller extends WP_Test_REST_Controller_Testc $wp_widget_factory->widgets['WP_Widget_Search']->widget_options['show_instance_in_rest'] = true; } - /** * The test_create_item() method does not exist for widget types. */