-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTML API: Add normalization functions. #7331
Conversation
The HTML Processor understands HTML regardless of how it's written, but many other functions are unable to do so. There are all sorts of syntax peculiarities and semantics that would be helpful to eliminate using the knowledge contained in the HTML Processor. This patch introduces `WP_HTML_Processor::normalize( $html )` as a method which takes a fragment of HTML as input and then returns a serialized version of the input, "cleaning it up" by balancing all tags, providing all missing optional tags, re-encoding all text, removing all duplicate attributes, and double-quote-escaping all attribute values. Core-62036
The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the Core Committers: Use this line as a base for the props when committing in SVN:
To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook. |
Test using WordPress PlaygroundThe changes in this pull request can previewed and tested using a WordPress Playground instance. WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser. Some things to be aware of
For more details about these limitations and more, check out the Limitations page in the WordPress Playground documentation. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice: force_balance_tags()
: The Next Generation
*/ | ||
public function serialize(): ?string { | ||
if ( WP_HTML_Tag_Processor::STATE_READY !== $this->parser_state ) { | ||
return null; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would this make sense to throw an exception?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've tried to avoid throwing exceptions in use code. Tell me more about the value of potentially crashing vs. returning null
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well, I guess to give more information about why it is returning null
. Maybe _doing_it_wrong()
then would be better? It would be helpful to get feedback in code for what is documented:
* This differs from {@see WP_HTML_Processor::normalize} in that it starts with
* a specific HTML Processor, which _must_ not have already started scanning;
* it must be in the initial ready state and will be in the completed state once
* serialization is complete.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah okay I see now. another thought I had was resetting to the beginning, parsing, and returning to the previous location, which involves double-parsing if already mid-way through a document.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've called wp_trigger_error()
in these cases.
while ( $this->next_token() ) { | ||
$token_type = $this->get_token_type(); | ||
|
||
switch ( $token_type ) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah good catch: it should also serialize the PI node tag name, which would match what you wrote. looks like this needs a review of all of the invalid comment syntax
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these should all be updated now. if something lingers I'd like to fix it, but ultimately if we botch an invalid comment, I'm guessing it's not the end of the world.
these will go into test cases.
} | ||
|
||
if ( ! $in_html && $this->has_self_closing_flag() ) { | ||
$html .= '/'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While not required, it seems a space is usually added here in the wild, right? (e.g. Prettier does this)
$html .= '/'; | |
$html .= ' /'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
a good thought. with double-quoted attributes it's not relevant, but with unquoted attribute values it becomes relevant. we don't need that since we control quoting. maybe it's best to add it in anyway for the same of other tools.
if ( null !== $this->get_last_error() ) { | ||
return null; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Similarly here, it would be helpful to know why it returned null
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is a tougher question because it would conflate the basic ?string
return value. practically I think this can only occur if the HTML is unsupported (in which case we really shouldn't return any processed string) or we've run out of bookmarks (which should be unrealistically rare - and that reminds me, I found 2500 bookmarks sufficient to parse everything in my set of ~300k HTML documents, and I intend on upping the default value to support that for 6.7).
suppose you know why this failed: what would you do in response?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It could also use _doing_it_wrong()
here too to communicate that information, I suppose. Or rather, wp_trigger_error()
would be the more relevant function. If I knew why it failed then I wouldn't have to figure out why it failed. True it probably wouldn't impact the result in the end, but for debugging it would be useful.
Looking at where last_error
is set, it seems to always coincide with throwing an exception anyway. So in practice would this if
statement ever be entered?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the exceptions thrown internally are caught and shut down parsing, but does not crash. unsupported content exceptions are returned via get_unsupported_exception()
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've called wp_trigger_error()
in these cases.
Co-authored-by: Weston Ruter <[email protected]>
If code later in the processing pipeline adds unquoted attributes and doesn't add the requisite space following that, then another parser might find that the solidus is part of the attribute value instead of serving as a self-closing flag. Co-authored-by: Weston Ruter <[email protected]>
Co-authored-by: Weston Ruter <[email protected]>
Co-authored-by: Weston Ruter <[email protected]>
Co-authored-by: Weston Ruter <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is pretty exciting, I'd like to start adding tests for it.
I just added it to the html api debugger when supported.
I'd love to start adding tests for this. One good test will be idempotency, where after an initial normalization, subsequent normalizations will be identical.
This mentions null bytes here specifically:
Text will be re-encoded, null bytes handled, and invalid UTF-8 replaced with U+FFFD.
I think that's working correctly in text. Should it also be handled in tag names, attribute names, and attribute values?
Input (null bytes replaces for clarity)
<div␀-nb nb-att-␀-="nb-val-␀-">
Normalized output:
<div␀-nb nb-att-␀-="nb-val-␀-"></div␀-nb>
Expected:
<div�-nb nb-att-�-="nb-val-�-"></div�-nb>
There are some known issues from HTML5lib tests similar to the PI problems mentioned here: #7331 (comment) wordpress-develop/tests/phpunit/tests/html-api/wpHtmlProcessorHtml5lib.php Lines 28 to 30 in 4712210
There's no good way to read the comment under some circumstances and something like a wordpress-develop/tests/phpunit/data/html5lib-tests/tree-construction/comments01.dat Line 156 in 4712210
wordpress-develop/tests/phpunit/data/html5lib-tests/tree-construction/comments01.dat Line 170 in 4712210
wordpress-develop/tests/phpunit/data/html5lib-tests/tree-construction/html5test-com.dat Line 130 in 4712210
Each of these does not satisfy the PI constraint (missing There are a couple of cases like this, I think they're all CORRECTION: I've edited it, it was initially incorrect. The bogus comments starting with
|
We'd talked about a method to really inspect different types of comment text content. I've proposed a method in #7342. That would be helpful here. |
c5f1924
to
92558b9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This method is nice and it seems like it's in a good place. I'm happy to see it getting tests.
I'd like it if null bytes were normalized in more places (tag names, attribute names and values) before this lands.
HTML often appears in ways that are unexpected. It may be missing implicit tags, may have unquoted, single-quoted, or double-quoted attributes, may contain duplicate attributes, may contain unescaped text content, or any number of other possible invalid constructions. The HTML API understands all fo these inputs, but downline parsers may not, and HTML snippets which are safe on their own may introduce problems when joined with other HTML snippets. This patch introduces the `serialize()` method on the HTML Processor, which prints a fully-normative HTML output, eliminating invalid markup along the way. It produces a string which contains every missing tag, double-quoted attributes, and no duplicates. A `normalize()` static method on the HTML Processor provides a convenient wrapper for constructing a fragment parser and immediately serializing. Subclasses relying on the `serialize_token()` method may perform structural HTML modifications with as much security as the upcoming `\Dom\HTMLDocument()` parser will, though these are not able to provide the full safety that will eventually appear with `set_inner_html()`. Further work may explore serializing to XML (which involves a number of other important transformations) and adding constraints to serialization (such as only allowing inline/flow/formatting elements and text). Developed in #7331 Discussed in https://core.trac.wordpress.org/ticket/62036 Props dmsnell, jonsurrell, westonruter. Fixes #62036. git-svn-id: https://develop.svn.wordpress.org/trunk@59076 602fd350-edb4-49c9-b593-d223f7449a82
HTML often appears in ways that are unexpected. It may be missing implicit tags, may have unquoted, single-quoted, or double-quoted attributes, may contain duplicate attributes, may contain unescaped text content, or any number of other possible invalid constructions. The HTML API understands all fo these inputs, but downline parsers may not, and HTML snippets which are safe on their own may introduce problems when joined with other HTML snippets. This patch introduces the `serialize()` method on the HTML Processor, which prints a fully-normative HTML output, eliminating invalid markup along the way. It produces a string which contains every missing tag, double-quoted attributes, and no duplicates. A `normalize()` static method on the HTML Processor provides a convenient wrapper for constructing a fragment parser and immediately serializing. Subclasses relying on the `serialize_token()` method may perform structural HTML modifications with as much security as the upcoming `\Dom\HTMLDocument()` parser will, though these are not able to provide the full safety that will eventually appear with `set_inner_html()`. Further work may explore serializing to XML (which involves a number of other important transformations) and adding constraints to serialization (such as only allowing inline/flow/formatting elements and text). Developed in WordPress/wordpress-develop#7331 Discussed in https://core.trac.wordpress.org/ticket/62036 Props dmsnell, jonsurrell, westonruter. Fixes #62036. Built from https://develop.svn.wordpress.org/trunk@59076 git-svn-id: http://core.svn.wordpress.org/trunk@58472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
HTML often appears in ways that are unexpected. It may be missing implicit tags, may have unquoted, single-quoted, or double-quoted attributes, may contain duplicate attributes, may contain unescaped text content, or any number of other possible invalid constructions. The HTML API understands all fo these inputs, but downline parsers may not, and HTML snippets which are safe on their own may introduce problems when joined with other HTML snippets. This patch introduces the `serialize()` method on the HTML Processor, which prints a fully-normative HTML output, eliminating invalid markup along the way. It produces a string which contains every missing tag, double-quoted attributes, and no duplicates. A `normalize()` static method on the HTML Processor provides a convenient wrapper for constructing a fragment parser and immediately serializing. Subclasses relying on the `serialize_token()` method may perform structural HTML modifications with as much security as the upcoming `\Dom\HTMLDocument()` parser will, though these are not able to provide the full safety that will eventually appear with `set_inner_html()`. Further work may explore serializing to XML (which involves a number of other important transformations) and adding constraints to serialization (such as only allowing inline/flow/formatting elements and text). Developed in WordPress/wordpress-develop#7331 Discussed in https://core.trac.wordpress.org/ticket/62036 Props dmsnell, jonsurrell, westonruter. Fixes #62036. Built from https://develop.svn.wordpress.org/trunk@59076 git-svn-id: https://core.svn.wordpress.org/trunk@58472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
commit 835f864d4ea376eb79844eb6a941250762de3c12 Author: Dennis Snell <[email protected]> Date: Fri Sep 27 05:56:50 2024 +0000 WP_Debug_Data: Extract `wp-dropins` data into separate method. This is the seventh part in a larger modularization of the data in `WP_Debug_Data`. Previously this was a single massive method drawing in debug data from various groups of related data, where the groups were independent from each other. This patch separates the seventh of twelve groups, the `wp-dropins` info, into a separate method focused on that data. This work precedes changes to make the `WP_Debug_Data` class more extensible for better use by plugin and theme code. Developed in https://github.com/wordpress/wordpress-develop/pull/7418 Discussed in https://core.trac.wordpress.org/ticket/61648 Props apermo. See #61648. git-svn-id: https://develop.svn.wordpress.org/trunk@59100 602fd350-edb4-49c9-b593-d223f7449a82 commit 1e21ecedf19f1b97360949a9e509a3c04ac1f34e Author: Dennis Snell <[email protected]> Date: Fri Sep 27 00:42:47 2024 +0000 HTML API: Switch to HTML namespace when entering Integration Points. When encountering inline SVG and MathML content in an HTML document, there are certain "integration points" which transition back into the HTML parsing ruleset. Previously, the HTML API was incorrectly switching into the namespace of the element transitioning into that ruleset. In this patch, the correct transition is made, where all integration points refer to HTML rules, while non-integration points refer to the rules of the namespace corresponding to the token itself. Developed in https://github.com/wordpress/wordpress-develop/pull/7425 Discussed in https://core.trac.wordpress.org/ticket/61576 Props dmsnell, jonsurrell. See #61576. git-svn-id: https://develop.svn.wordpress.org/trunk@59099 602fd350-edb4-49c9-b593-d223f7449a82 commit bbec266c74fc47ce2919faa4cf3c6d43044588cb Author: Michal Czaplinski <[email protected]> Date: Thu Sep 26 19:35:26 2024 +0000 Revert [59097] because it was renaming a public method that should be deprecated instead. git-svn-id: https://develop.svn.wordpress.org/trunk@59098 602fd350-edb4-49c9-b593-d223f7449a82 commit ad1fabe41719f853ec5cdbdde5a9fba97444ff03 Author: Michal Czaplinski <[email protected]> Date: Thu Sep 26 17:53:11 2024 +0000 Interactivity API: Move interactivity-router i18n strings to Script Module data. Moves the 'loading' and 'loaded' i18n strings for the `interactivity-router` to the script module data via the `script_module_data_@wordpress/interactivity-router` filter. Key changes: - Add the `filter_script_module_interactivity_router_data()` method, hooked into the `script_module_data_@wordpress/interactivity-router` filter, to set the `i18n` data with the 'loading' and 'loaded' messages. - Rename the `print_router_loading_and_screen_reader_markup()` method to `print_router_markup()` and remove the screen reader markup from it because it's no longer needed. - Remove the `loading` and `loaded` strings from the `core/router` store state because they're no longer needed. - Initialize the `core/router` store with a minimal navigation object to prevent errors in the interactivity-router script module when the store is not properly initialized. - Update corresponding unit tests to reflect these changes. This change ensures that the `interactivity-router` i18n messages are localized in a single place and removes the need to initialize them in the `core/router` store state. Props jonsurrell, swissspidy, czapla. See #60647. git-svn-id: https://develop.svn.wordpress.org/trunk@59097 602fd350-edb4-49c9-b593-d223f7449a82 commit 66afbbdb519d4b21a2ed486de64e32eda3f5adde Author: Sergey Biryukov <[email protected]> Date: Thu Sep 26 15:39:06 2024 +0000 Administration: Escape the WordPress.org URL in `wp-admin/admin-footer.php`. Follow-up to [5892], [5955], [10976], [17879], [21366], [27469], [45927]. Props ramswarup, narenin, swissspidy. Fixes #62118. git-svn-id: https://develop.svn.wordpress.org/trunk@59096 602fd350-edb4-49c9-b593-d223f7449a82 commit d9cb6e7e9de61e36ba286aafcacc5d6dba2fc559 Author: Carlos Bravo <[email protected]> Date: Thu Sep 26 14:49:13 2024 +0000 Block bindings: Ensure block receives __default bindings when render. Fixes an issue with the image block when using pattern overrides, where the image block with overrides enabled was not outputting all the expected image attributes. Ensures that the `process_block_bindings` method returns any updates to the block's binding metadata along with other computed attributes. Props talldanwp, cbravobernal, santosguillamot, mukesh27, gziolo. Fixes #62069. git-svn-id: https://develop.svn.wordpress.org/trunk@59095 602fd350-edb4-49c9-b593-d223f7449a82 commit 8dd9ca0402745af44c6f2d018a8a8251e63b9764 Author: Jb Audras <[email protected]> Date: Thu Sep 26 13:48:06 2024 +0000 Help/About: Add plugin dependencies help tab on Plugins screen. This changeset adds a help tab added about plugin dependencies on the Plugins screen. Follow-up to [57545]. Fixes #60466. See #22316. Props desrosj, swissspidy, adarshposimyth, audrasjb, NekoJonez, DorZki, Boniu91, Ankit-K-Gupta, sigurdwatt. git-svn-id: https://develop.svn.wordpress.org/trunk@59094 602fd350-edb4-49c9-b593-d223f7449a82 commit 7d0e751ffbea99583e2dda8518ff5cc915bf0bd9 Author: Greg Ziółkowski <[email protected]> Date: Thu Sep 26 12:45:41 2024 +0000 Editor: Default attribute value not used with `get_block_wrapper_attributes` Ensures that the default values defined in the schema for block attributes are used when rendering the output of the block with `get_block_wrapper_attributes` helper. Props gziolo, jonsurrell, youknowriad, ryelle. Fixes #62114. git-svn-id: https://develop.svn.wordpress.org/trunk@59093 602fd350-edb4-49c9-b593-d223f7449a82 commit b071c28f8b6be06e464ccf582877e66c02859679 Author: Andrew Ozz <[email protected]> Date: Wed Sep 25 20:49:21 2024 +0000 Administration: Fix increasing of the frequency of Heartbeat API requests. Props peterwilsoncc, azaozz. Fixes #61960. git-svn-id: https://develop.svn.wordpress.org/trunk@59092 602fd350-edb4-49c9-b593-d223f7449a82 commit 9e290835d6f006997d59ebaf063df113bb15a363 Author: Tonya Mork <[email protected]> Date: Wed Sep 25 19:35:20 2024 +0000 Canonical: Redirect when front page's paginated states not found. Perform a canonical redirect for an invalid pagination request of a static front page. When a site has a static front page assigned and that page has a `<!--nextpage-->` within its content, previously accessing non-existing pages (e.g. `example.com/page/3/`) did not redirect or return a 404 or 301. This changeset resolves that issue by performing a canonical redirect. Unit tests are also included for this specific use case and to ensure the fix does not affect a blog listing home page. Follow-up to [47738], [47727], [34492]. Props dd32, audrasjb, chaion07, hellofromTonya, joemcgill, lukecarbis, Mte90, mukesh27, peterwilsoncc, rajinsharwar, SergeyBiryukov. Fixes #50163. See meta#5184. git-svn-id: https://develop.svn.wordpress.org/trunk@59091 602fd350-edb4-49c9-b593-d223f7449a82 commit b275b38768fc2c2208e44bf6e9121a117c8ce119 Author: Sergey Biryukov <[email protected]> Date: Wed Sep 25 18:06:27 2024 +0000 Twenty Nineteen: Add missing documentation for helper function parameters. Follow-up to [43808], [44149], [47214], [47242]. Props pitamdey. Fixes #62112. git-svn-id: https://develop.svn.wordpress.org/trunk@59090 602fd350-edb4-49c9-b593-d223f7449a82 commit 34c861b6a53cb82721ce0e82a3e2024d91c6ef7e Author: Michal Czaplinski <[email protected]> Date: Wed Sep 25 16:49:01 2024 +0000 Script Loader: Add `@wordpress/a11y` as a Script Module. The Script Module has the same API as the `wp-a11y` WP Script. Key changes: - Add `@wordpress/a11y` to the list of Script and Module dual packages. - Update `script-modules-packages.min.php` to include the a11y module. - Modify `WP_Script_Modules` class to track and handle a11y module availability. - Add method to print required HTML markup for a11y `speak()` functionality. See #60647. Props jonsurrell, gziolo, czapla. git-svn-id: https://develop.svn.wordpress.org/trunk@59089 602fd350-edb4-49c9-b593-d223f7449a82 commit 9fc6fa134df8976b4144b0f67c22b23ed97b639a Author: Michal Czaplinski <[email protected]> Date: Wed Sep 25 16:32:23 2024 +0000 Revert [59087] due to empty commit message git-svn-id: https://develop.svn.wordpress.org/trunk@59088 602fd350-edb4-49c9-b593-d223f7449a82 commit 6df7ce67ca2fa9a1058cf25a599b1007416973a2 Author: Michal Czaplinski <[email protected]> Date: Wed Sep 25 15:55:56 2024 +0000 git-svn-id: https://develop.svn.wordpress.org/trunk@59087 602fd350-edb4-49c9-b593-d223f7449a82 commit 7f4fd30dffdfe8d7d817c2cdb4ab98408f1c0add Author: Sergey Biryukov <[email protected]> Date: Tue Sep 24 19:15:33 2024 +0000 Build/Test Tools: Only require the WordPress Importer plugin when running core tests. This allows other users of the WordPress unit test suite framework to run their own unit tests without needing the WordPress Importer plugin, which should only be a requirement if running core tests. Follow-up to [59085]. Props bjorsch. Fixes #62106. git-svn-id: https://develop.svn.wordpress.org/trunk@59086 602fd350-edb4-49c9-b593-d223f7449a82 commit 60a66de6ece69de829b12305f5d84b216a41b6b6 Author: Sergey Biryukov <[email protected]> Date: Tue Sep 24 18:09:41 2024 +0000 Build/Test Tools: Check if the WordPress Importer plugin is installed in test bootstrap. If a hard requirement for the test suite is not fulfilled, running the tests should be blocked from the test bootstrap. A test should only fail when it doesn't produce the expected result. Since the WordPress Importer plugin is considered a hard requirement for the test suite at this time, this commit moves the check whether the plugin is installed from individual tests to the test bootstrap. Includes defining a global constant for the path to the file for reuse in the tests. Reference: [https://make.wordpress.org/core/handbook/contribute/git/#unit-tests Core Contributor Handbook: The Code Repository (Git): Unit Tests]. Follow-up to [40531], [40532], [41090], [41169], [48592], [49535], [49571]. Props jrf, hellofromTonya. See #61530. git-svn-id: https://develop.svn.wordpress.org/trunk@59085 602fd350-edb4-49c9-b593-d223f7449a82 commit ec80646878bfe96cd14d9b5b49e2d51283206762 Author: Timothy Jacobs <[email protected]> Date: Tue Sep 24 16:38:36 2024 +0000 App Passwords: Don't prevent non-unique App Password names. In [50030] we enforced that Application Passwords have unique names. This was done with the assumption that applications would not connect to a user multiple times. However, in practice we've seen applications run into issues with the unique name constraint. Depending on the app, they may not know if they've been authorized before, or they may intentionally allow connecting multiple times. To prevent friction, App developers need to make their App Name unique, and in doing so often include things like the current date & time, which is already included in the App Passwords list table. This commit removes this requirement to simplify usage of the Authorize Application flow. Props mark-k, Boniu91, timothyblynjacobs, peterwilsoncc. Fixes #54213. git-svn-id: https://develop.svn.wordpress.org/trunk@59084 602fd350-edb4-49c9-b593-d223f7449a82 commit 0b8b80449fb25e0242ad53262fcbabc08ea3ecb9 Author: Greg Ziółkowski <[email protected]> Date: Tue Sep 24 07:33:55 2024 +0000 Build: Prepare for more Script Modules This is a companion to https://github.com/WordPress/gutenberg/pull/65460 that requires syncing in WordPress Core. Namely, the block-library changes require registration with their updated script module IDs so that the blocks continue to work correctly. They key improvement is script modules registration is handled in one central place, and a combined asset file is used to improve the performance by avoiding multiple disk operations for every individual file. Props jonsurrell, gziolo, wildworks, noisysocks. See #60647, #59462. git-svn-id: https://develop.svn.wordpress.org/trunk@59083 602fd350-edb4-49c9-b593-d223f7449a82 commit a39079946ae6388083885df0198ddb0aeb6b5141 Author: Sergey Biryukov <[email protected]> Date: Mon Sep 23 22:15:11 2024 +0000 Build/Test Tools: Prevent Composer lock file from being created. Composer 1.10.0 introduced a `lock` config option, which, when set to `false` will prevent a `composer.lock` file from being created and will ignore it when one exists. This is a useful option for packages like WordPress where the `lock` file has no meaning. It also makes life more straightforward for contributors as they don't have to remember that for this repo they should use `composer update` instead of `composer install`. Both will now work the same. Reference: [https://getcomposer.org/doc/06-config.md#lock Composer Documentation: Config: lock]. Follow-up to [51543]. Props jrf. See #61530. git-svn-id: https://develop.svn.wordpress.org/trunk@59082 602fd350-edb4-49c9-b593-d223f7449a82 commit fd104aed1427167a8273bc6dc8dc43c1dd66ae02 Author: Greg Ziółkowski <[email protected]> Date: Mon Sep 23 12:48:32 2024 +0000 Comments: Pass $page as argument to comments functions Removes query alteration from `build_comment_query_vars_from_block` by introducing a new way to pass the `$page` as argument to functions handling pagination for the comments. Props cybr, santosguillamot, bernhard-reiter, gziolo. Fixes #60806. git-svn-id: https://develop.svn.wordpress.org/trunk@59081 602fd350-edb4-49c9-b593-d223f7449a82 commit 805b9333f2de80c3db981e1a2a5755045d9e7782 Author: Greg Ziółkowski <[email protected]> Date: Mon Sep 23 12:33:14 2024 +0000 Block Bindings: Adds context needed by sources during its processing Extends block context during block bindings processing. This implies that the context is extended ONLY for the blocks where bindings are defined and only when rendered on the page. Props santosguillamot, gziolo, artemiosans, cbravobernal. Fixes #61642. git-svn-id: https://develop.svn.wordpress.org/trunk@59080 602fd350-edb4-49c9-b593-d223f7449a82 commit d2f4251fb1cd335f9ad91d295d7f35dca680e2e8 Author: Robert Anderson <[email protected]> Date: Mon Sep 23 06:50:27 2024 +0000 Editor: Update packages for 6.7 Beta 1. Syncs `@wordpress/*` packages to the `wp-6.7` npm tag. See #61906. git-svn-id: https://develop.svn.wordpress.org/trunk@59079 602fd350-edb4-49c9-b593-d223f7449a82 commit e2d9ffcf1e7d96e1e7b89db96b992cf0e6c8fcf7 Author: Sergey Biryukov <[email protected]> Date: Sun Sep 22 22:48:04 2024 +0000 Editor: Respect `show_avatars` option in block editor and Customizer. This adds checks for the `show_avatars` option before setting the avatar for post lock modals in the block editor and the Customizer. Follow-up to [41839], [53070]. Props ffffelix. Fixes #62081. git-svn-id: https://develop.svn.wordpress.org/trunk@59078 602fd350-edb4-49c9-b593-d223f7449a82 commit f49909e97225f9b2aa4ab19b1c25037f2f35167d Author: Sergey Biryukov <[email protected]> Date: Sat Sep 21 14:39:52 2024 +0000 Editor: Optimize `is_callable()` checks in `traverse_and_serialize_blocks()`. This aims to improve performance by reducing the number of function calls. Follow-up to [56644]. Props welcher, Cybr, mukesh27, aristath. Fixes #62063. git-svn-id: https://develop.svn.wordpress.org/trunk@59077 602fd350-edb4-49c9-b593-d223f7449a82 commit 03b12dc3117737b8960bc4144102ef5cca346547 Author: Dennis Snell <[email protected]> Date: Fri Sep 20 22:30:04 2024 +0000 HTML API: Add `normalize()` to give us the HTML we always wanted. HTML often appears in ways that are unexpected. It may be missing implicit tags, may have unquoted, single-quoted, or double-quoted attributes, may contain duplicate attributes, may contain unescaped text content, or any number of other possible invalid constructions. The HTML API understands all fo these inputs, but downline parsers may not, and HTML snippets which are safe on their own may introduce problems when joined with other HTML snippets. This patch introduces the `serialize()` method on the HTML Processor, which prints a fully-normative HTML output, eliminating invalid markup along the way. It produces a string which contains every missing tag, double-quoted attributes, and no duplicates. A `normalize()` static method on the HTML Processor provides a convenient wrapper for constructing a fragment parser and immediately serializing. Subclasses relying on the `serialize_token()` method may perform structural HTML modifications with as much security as the upcoming `\Dom\HTMLDocument()` parser will, though these are not able to provide the full safety that will eventually appear with `set_inner_html()`. Further work may explore serializing to XML (which involves a number of other important transformations) and adding constraints to serialization (such as only allowing inline/flow/formatting elements and text). Developed in https://github.com/wordpress/wordpress-develop/pull/7331 Discussed in https://core.trac.wordpress.org/ticket/62036 Props dmsnell, jonsurrell, westonruter. Fixes #62036. git-svn-id: https://develop.svn.wordpress.org/trunk@59076 602fd350-edb4-49c9-b593-d223f7449a82 commit 675a1aa5e5583a465e452c13d4d631666a486b5f Author: Dennis Snell <[email protected]> Date: Fri Sep 20 20:21:59 2024 +0000 HTML API: Add `get_full_comment_text()` method. Previously, there were a few cases where the modifiable text read from an HTML comment differs slightly from the parsed value of its inner text in a browser. This is due to the specific way that invalid HTML syntax tokens become "bogus comments." This patch introduces a new method to the Tag Processor to allow differentiating these specific cases, such as when copying or serializing HTML from one source to another. Similar code has already been in use in the html5lib tests, and this patch simplifies the test runner, evidencing the fact that this method was already needed. Developed in https://github.com/wordpress/wordpress-develop/pull/7342 Discussed in https://core.trac.wordpress.org/ticket/62036 Props dmsnell, jonsurrell. See #62036. git-svn-id: https://develop.svn.wordpress.org/trunk@59075 602fd350-edb4-49c9-b593-d223f7449a82 commit 1eb5f61c9e5c36a5e587010bf8e4d1e811da56e0 Author: Sergey Biryukov <[email protected]> Date: Fri Sep 20 14:07:11 2024 +0000 Editor: Restore the merging of TinyMCE settings in `wp_tinymce_inline_scripts()`. This ensures that the function applies the `wp_editor_settings` filter and merges the resulting array with the rest of TinyMCE init settings. Includes a unit test to verify that the settings are merged correctly after adding the assignment of `array_merge()` result that was missed in the initial commit. Follow-up to [44265], [59033]. Props kkmuffme, akshat2802, davidbaumwald, SergeyBiryukov. Fixes #61754. git-svn-id: https://develop.svn.wordpress.org/trunk@59074 602fd350-edb4-49c9-b593-d223f7449a82 commit 35907da95151b45d197102ea4d69e10ad019cab9 Author: Robert Anderson <[email protected]> Date: Fri Sep 20 02:05:50 2024 +0000 Editor: Add plugin template registration API and improve theme overrides for plugin-registered templates This commit introduces a new API to allow plugins to easily register block templates with `wp_register_block_template()` and the `WP_Block_Templates_Registry` class, addressing the complexity of hooking into multiple filters. It also ensures plugin-registered templates overridden by themes fall back to the plugin-provided title and description when the theme doesn't define them. See https://github.com/WordPress/gutenberg/pull/61577. See https://github.com/WordPress/gutenberg/pull/64610. Fixes #61804. Props aljullu, peterwilsoncc, antonvlasenko, azaozz, youknowriad, noisysocks. git-svn-id: https://develop.svn.wordpress.org/trunk@59073 602fd350-edb4-49c9-b593-d223f7449a82 commit 1ad25bb1432c788c8084fe832a7f13e646a28b62 Author: Robert Anderson <[email protected]> Date: Fri Sep 20 01:53:52 2024 +0000 Editor: Update packages for 6.7 Beta 1. Syncs `@wordpress/*` packages to the `wp-6.7` npm tag. Fixes #61906. Props peterwilsoncc, gziolo, kevin940726. git-svn-id: https://develop.svn.wordpress.org/trunk@59072 602fd350-edb4-49c9-b593-d223f7449a82 commit d46067a77628797897a8c853fabbefc4cc2b1790 Author: Peter Wilson <[email protected]> Date: Fri Sep 20 00:50:51 2024 +0000 External Libraries: Test registered script versions match package.json. Expands tests to ensure the version number of packages updated via NPM matches the version number used for registering the script in the script loader. This adds tests for (by their registered name in WordPress): * backbone * clipboard * hoverIntent * hoverintent-js * imagesloaded * jquery-color * jquery-core * jquery-form * masonry * react-jsx-runtime * underscore * wp-polyfill-dom-rect * wp-polyfill-element-closest * wp-polyfill-fetch * wp-polyfill-formdata * wp-polyfill-inert * wp-polyfill-node-contains * wp-polyfill-object-fit * wp-polyfill-url This expands on the earlier tests introduced for: * lodash * moment * react * react-dom * regenerator-runtime An additional test is added to ensure that the data provider for these tests is maintained as libraries are added via package.json. `@wordpress/*` scripts are excluded from these tests as wp-scripts generates a version number automatically based on the file's contents. Additionally, the version of element-closest listed in package.json is updated to use a fixed version rather than a range. This reflects the current practice of WordPress to define the specific version in core. For the avoidance of doubt, this does not affect the version shipped in WordPress. Follow up to [57185]. Props peterwilsoncc, jorbin. Fixes #61855. git-svn-id: https://develop.svn.wordpress.org/trunk@59071 602fd350-edb4-49c9-b593-d223f7449a82 commit 951f887f8a874e9c183bb990b0aa767d3ebb835b Author: Tonya Mork <[email protected]> Date: Thu Sep 19 20:20:30 2024 +0000 External Libraries: Skip instanceof check when null in Text_Diff::_check(). On the first `foreach` loop in Text_Diff::_check()`, `$prevtype` is `null`. As `instanceof` requires the class name term to be an object or string, a fatal error is thrown: >Fatal error: Uncaught Error: Class name must be a valid object or a string on line 279 This change: * Adds a simple test for the `Text_Diff::_check()` method, which is how the bug was discovered as the test could never pass with the code as-is. * Adds a defensive guard to protect against the fatal. It checks if `$prevtype` is not `null` as a pre-condition to for checking the instance. This bugfix also resolves the failing test. Follow-up to [49194], [7747]. Props jrf, hellofromTonya. See #62083. git-svn-id: https://develop.svn.wordpress.org/trunk@59070 602fd350-edb4-49c9-b593-d223f7449a82 commit 1e608149f92886723d7d162df3014c7ba970030e Author: Tonya Mork <[email protected]> Date: Thu Sep 19 18:55:00 2024 +0000 Code Modernization: handle mysqli_ping() deprecation in wpdb::check_connection(). The `mysqli_ping()` function is deprecated as of PHP 8.4, though, in reality, the function wasn't working according to spec anymore since PHP 8.2 when the `libmysql` driver was dropped in favour of `libmysqlnd`, which was already the default (and recommended) driver since PHP 5.4. The `mysqli_ping()` method was also not really correctly named as its functionality was to reconnect to the database, not just ping. The alternative is to "manually" ping the database by sending a `DO 1` query (the cheapest possible SQL query). Adding a PHP version based toggle was considered, but as mentioned above, the default driver has been `libmysqlnd` since PHP 5.4 and in that case, the function never worked anyway, so in reality `mysqli_ping()` was only really functional for the odd custom PHP compilation where `mysqli` was build against `libmysql` AND `reconnect` was not disabled. With this in mind, this change replaces the call to `mysqli_ping()` with the `DO 1` query completely. If that query succeeds, it concludes the database connection is still alive. This solution should be the most stable as it will work for both PHP 7.2 <= 8.1, independently of which driver `mysqli` was compiled with, as well as for PHP 8.2+. Note: It could also be considered to remove the function call to `mysqli_ping()` completely and rely on standard error handling in case the connection would have dropped, as after all, the fact that the connection existed at the moment the "ping" happened, is no guarantee that the connection will still exist when the next query is send.... this approach was not chosen so as WP has custom error handling and does not use the PHP native mysqli exceptions for this, which would make implementing this more awkward. Includes a test to verify that the connection check works when there is a valid connection (this was previously not covered by tests). Refs: * https://wiki.php.net/rfc/deprecations_php_8_4#mysqli_ping_and_mysqliping * https://github.com/php/php-src/pull/11912#issuecomment-1671762583 * https://stackoverflow.com/questions/2546868/cheapest-way-to-determine-if-a-mysql-connection-is-still-alive/2546922#2546922 * php/php-src#11945 * https://wiki.php.net/rfc/mysqli_support_for_libmysql * https://www.php.net/mysqli_ping Follow-up to [56475], [27250], [27075]. Props jrf, hellofromTonya. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59069 602fd350-edb4-49c9-b593-d223f7449a82 commit de346c606d9756bcaec8d0d69fe7aac3a86731fe Author: Tonya Mork <[email protected]> Date: Thu Sep 19 18:12:36 2024 +0000 Tests: Remove use of E_STRICT. The `E_STRICT` constant is deprecated as of PHP 8.4 and will be removed in PHP 9.0. The error level hasn't been in use since PHP 8.0 anyway, so removing the exclusion from the `error_reporting()` setting in the `install.php` script used in the tests should make no difference in practice. Ref: * https://wiki.php.net/rfc/deprecations_php_8_4#remove_e_strict_error_level_and_deprecate_e_strict_constant Follow-up to [25002]. Props jrf. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59068 602fd350-edb4-49c9-b593-d223f7449a82 commit ceedcb5ae956b92288cd370a6e67789c196c95d1 Author: Sergey Biryukov <[email protected]> Date: Thu Sep 19 12:38:35 2024 +0000 Coding Standards: Update PHPCS to version 3.10.3. PHPCS has seen several new releases since the last update, which means more bugs have been fixed, syntax support for PHP 8.3 was added, more sniff documentation is available, performance improvements, a new Help screen, etc. References: * [https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.10.3 PHP_CodeSniffer 3.10.3 release notes] * [https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.10.2 PHP_CodeSniffer 3.10.2 release notes] * [https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.10.1 PHP_CodeSniffer 3.10.1 release notes] * [https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.10.0 PHP_CodeSniffer 3.10.0 release notes] * [https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.9.2 PHP_CodeSniffer 3.9.2 release notes] * [https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.9.1 PHP_CodeSniffer 3.9.1 release notes] Follow-up to [56695], [56799], [57378], [57986]. Props jrf. Fixes #62076. git-svn-id: https://develop.svn.wordpress.org/trunk@59067 602fd350-edb4-49c9-b593-d223f7449a82 commit e060ee3eb715d18e4a2cb8ce7eb29d1fd0a29842 Author: Sergey Biryukov <[email protected]> Date: Thu Sep 19 12:10:19 2024 +0000 Coding Standards: Remove unused return value for `WP_Object_Cache::__set()`. This resolves a WPCS warning: {{{ Assignments must be the first block of code on a line }}} Note: This is enforced by PHPCS 3.10.3. Follow-up to [28521], [29146]. Props jrf. See #62076, #61607. git-svn-id: https://develop.svn.wordpress.org/trunk@59066 602fd350-edb4-49c9-b593-d223f7449a82 commit b36055bef3c7e0359a3c4cf1760d17b259c3234d Author: Carolina Nymark <[email protected]> Date: Thu Sep 19 10:32:34 2024 +0000 Bundled Themes: Make text strings translatable. This changeset updates Twenty Twenty-Three and Twenty Twenty-Four and replaces text strings in HTML files with patterns to make the strings translatable. Follow-up to [58459]. Props sabernhardt, karmatosed, iflairwebtechnologies, poena. Fixes #61951. git-svn-id: https://develop.svn.wordpress.org/trunk@59065 602fd350-edb4-49c9-b593-d223f7449a82 commit bf09fe506620678fb82c3b872309edda0ed8ce61 Author: Peter Wilson <[email protected]> Date: Wed Sep 18 22:35:35 2024 +0000 Date/Time, PHP Compat: Prevent type errors using GMT offset option. Prevents a potential type errors when making use of the `gmt_offset` option by casting the value to a float prior to performing calculations with the value. This mainly accounts for incorrect storage of values, such as an empty string or city name. Follow up to [58923]. Props chaion07, hellofromtonya, kirasong, mhshohel, mukesh27, nicolefurlan, nihar007, nurielmeni, oglekler, peterwilsoncc, prionkor, rajinsharwar, rarst, rleeson, sabernhardt, SergeyBiryukov, swissspidy, toastercookie, verygoode. Fixes #56358, #58986, #60629. git-svn-id: https://develop.svn.wordpress.org/trunk@59064 602fd350-edb4-49c9-b593-d223f7449a82 commit 3b248638618bcd40a315bee6027ea8b7dfc578e0 Author: Tonya Mork <[email protected]> Date: Wed Sep 18 21:38:32 2024 +0000 Code Modernization: Remove xml_set_object() in MagpieRSS::__construct(). The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions. {{{ xml_set_object( $parser, $my_obj ); xml_set_character_data_handler( $parser, 'method_name_on_my_obj' ); }}} Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to: {{{ xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] ); }}} The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well. This commit fixes this deprecation for the `MagpieRSS::__construct()` method. The change has not been not covered by tests. This class has been deprecated since WP 3.0.0 and is not covered by tests at all. Adding those now seems superfluous, all the more as the principle of the fix is no different than for the other files, so we can be sure it works anyway. Note: Though this is "officially" an external library, this package is no longer externally maintained. The code style of the fix in the source file is in line with the existing code style for the file. Refs: * https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names * https://www.php.net/manual/en/function.xml-set-object.php * https://www.php.net/manual/en/ref.xml.php Follow-up to [4399]. Props jrf. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59063 602fd350-edb4-49c9-b593-d223f7449a82 commit ce571018a9d72fb513b803599cba21037fec68ed Author: Tonya Mork <[email protected]> Date: Wed Sep 18 21:18:54 2024 +0000 Code Modernization: Remove xml_set_object() in AtomParser::parse(). The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions. {{{ xml_set_object( $parser, $my_obj ); xml_set_character_data_handler( $parser, 'method_name_on_my_obj' ); }}} Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to: {{{ xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] ); }}} The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well. This commit fixes this deprecation for the `AtomParser::parse()` method. This change is safeguarded via the new `AtomParser_Parse_Test` class. Notes: * Though this is "officially" an external library, this package is no longer externally maintained. The code style of the fix in the source file is in line with the existing code style for the file. * It appears that this class is not actually used by WP Core itself, so it could be considered to deprecate the class. However, as the class is not currently deprecated, safeguarding the change with a test seemed prudent. * The fixture used for the test reuses a fixture from the original package: https://code.google.com/archive/p/phpatomlib/source/default/source * The new test class follows the recommended test format (naming convention of the class, `@covers` tag at class level, only testing one method) as per Trac tickets 62004 / 53010. Refs: * https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names * https://www.php.net/manual/en/function.xml-set-object.php * https://www.php.net/manual/en/ref.xml.php Follow-up to [5951]. Props jrf. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59062 602fd350-edb4-49c9-b593-d223f7449a82 commit f9f19c7e77bc5898b03a69a48871cd377320c378 Author: Tonya Mork <[email protected]> Date: Wed Sep 18 21:04:48 2024 +0000 Tests: Use file paths independent of OS-specifics assertion or helper. Use `WP_UnitTestCase_Base::assertSamePathIgnoringDirectorySeparators()` and `WP_UnitTestCase_Base::normalizeDirectorySeparatorsInPath()` in existing tests. Follow-up to [59057], [57753], [57215], [56635], [48937], [25002]. Props jrf. See #61530. git-svn-id: https://develop.svn.wordpress.org/trunk@59061 602fd350-edb4-49c9-b593-d223f7449a82 commit 5168e1933af6e2e753b5fce4ed0f6fc29bd4fec1 Author: Dennis Snell <[email protected]> Date: Wed Sep 18 19:10:56 2024 +0000 WP_Debug_Data: Extract `wp-media` data into separate method. This is the sixth part in a larger modularization of the data in `WP_Debug_Data`. Previously this was a single massive method drawing in debug data from various groups of related data, where the groups were independent from each other. This patch separates the sixth of twelve groups, the `wp-media` info, into a separate method focused on that data. This work precedes changes to make the `WP_Debug_Data` class more extensible for better use by plugin and theme code. Developed in https://github.com/wordpress/wordpress-develop/pull/7356 Discussed in https://core.trac.wordpress.org/ticket/61648 Props apermo, dmsnell. See #61648. git-svn-id: https://develop.svn.wordpress.org/trunk@59060 602fd350-edb4-49c9-b593-d223f7449a82 commit a543c31a1d0f6a86c664e5225f3befe03fb91807 Author: Drew Jaynes <[email protected]> Date: Wed Sep 18 19:06:45 2024 +0000 Docs: The `$feedname` parameter in `add_feed()` should not start with an underscore. Props snehapatil02, hellofromtonya, narenin. Fixes #59945. git-svn-id: https://develop.svn.wordpress.org/trunk@59059 602fd350-edb4-49c9-b593-d223f7449a82 commit 55aa76aa25e9f0f31a54f7bbe3e840b24427d314 Author: Tonya Mork <[email protected]> Date: Wed Sep 18 18:44:15 2024 +0000 Code Modernization: Explicitly declare all properties in AtomParser. Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0. There are a number of ways to mitigate this: * If it's an accidental typo for a declared property: fix the typo. * For known properties: declare them on the class. * For unknown properties: add the magic `__get()`, `__set()` et al methods to the class or let the class extend `stdClass` which has highly optimized versions of these magic methods build in. * For unknown _use of_ dynamic properties, the `#[AllowDynamicProperties]` attribute can be added to the class. The attribute will automatically be inherited by child classes. In this case, the property added are explicitly referenced in this class, so fall in the "known property" category. Refs: * https://wiki.php.net/rfc/deprecate_dynamic_properties Props jrf. See #56034. git-svn-id: https://develop.svn.wordpress.org/trunk@59058 602fd350-edb4-49c9-b593-d223f7449a82 commit e6a8fdd754887ec5b2738013163552a0b8c0be76 Author: Tonya Mork <[email protected]> Date: Wed Sep 18 18:20:43 2024 +0000 Tests: Introduce assertion for comparing file paths independent of OS-specifics. Introduces `WP_UnitTestCase_Base::assertSamePathIgnoringDirectorySeparators()` and an associated helper method `WP_UnitTestCase_Base::normalizeDirectorySeparatorsInPath()` to allow for comparing two file path strings independently of OS-specific differences. The normalization is done in a separate method to also allow this method to be used for path normalization within test methods themselves, like for normalizing a group of paths in an array. The pretty specific method name for the helper (`normalizeDirectorySeparatorsInPath()`) is an attempt to prevent naming conflicts with methods which may exist in plugin test suites build on top of the WP Core test suite. Props jrf, hellofromTonya. See #61530. git-svn-id: https://develop.svn.wordpress.org/trunk@59057 602fd350-edb4-49c9-b593-d223f7449a82 commit baff405508b09c2fa165f60ffb2eec87515d6f1d Author: Tonya Mork <[email protected]> Date: Wed Sep 18 18:02:43 2024 +0000 Code Modernization: Remove xml_set_object() in IXR_Message::parse(). The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions. {{{ xml_set_object( $parser, $my_obj ); xml_set_character_data_handler( $parser, 'method_name_on_my_obj' ); }}} Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to: {{{ xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] ); }}} The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well. This commit fixes this deprecation for the `IXR_Message::parse()` method. This change is safeguarded via the new`Tests_XMLRPC_Message::test_parse_sets_handlers()` test method. Note: Though this is "officially" an external library, this package is no longer externally maintained. The code style of the fix in the source file is in line with the existing code style for the file. Refs: * https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names * https://www.php.net/manual/en/function.xml-set-object.php * https://www.php.net/manual/en/ref.xml.php Follow-up to [15612], [1346]. Props jrf, hellofromTonya. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59056 602fd350-edb4-49c9-b593-d223f7449a82 commit 224e2c17b26caff406a4f5d44fa53901b1b4de7f Author: Tonya Mork <[email protected]> Date: Wed Sep 18 17:24:30 2024 +0000 Tests: Remove use of xml_set_object() in TestXMLParser. The XML Parser extension still supports a quite dated mechanism for method based callbacks, where the object is first set via `xml_set_object()` and the callbacks are then set by passing only the name of the method to the relevant parameters on any of the `xml_set_*_handler()` functions. {{{ xml_set_object( $parser, $my_obj ); xml_set_character_data_handler( $parser, 'method_name_on_my_obj' ); }}} Passing proper callables to the `xml_set_*_handler()` functions has been supported for the longest time and is cross-version compatible. So the above code is 100% equivalent to: {{{ xml_set_character_data_handler( $parser, [$my_obj, 'method_name_on_my_obj'] ); }}} The mechanism of setting the callbacks with `xml_set_object()` has now been deprecated as of PHP 8.4, in favour of passing proper callables to the `xml_set_*_handler()` functions. This is also means that calling the `xml_set_object()` function is deprecated as well. This commit fixes this deprecation for the `TestXMLParser` helper utility. In this case, the callbacks were already using the recommended format and the call to `xml_set_object()` was completely redundant. As this is a test utility and was already causing pre-existing tests using the utility to fail, there is no need for dedicated tests to cover this change. Refs: * https://wiki.php.net/rfc/deprecations_php_8_4#xml_set_object_and_xml_set_handler_with_string_method_names * https://www.php.net/manual/en/function.xml-set-object.php * https://www.php.net/manual/en/ref.xml.php Follow-up to [25002]. Props jrf. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59055 602fd350-edb4-49c9-b593-d223f7449a82 commit 1324176d519e02d969fb41c00de6b4d2751d0ad8 Author: Tonya Mork <[email protected]> Date: Wed Sep 18 16:16:19 2024 +0000 Tests: Fix Tests_Theme tests to run (and pass) cross-OS. Uses `DIRECTORY_SEPARATOR` in closures for cross-OS differences. Follow-up to [56635]. Props jrf. See #61530. git-svn-id: https://develop.svn.wordpress.org/trunk@59054 602fd350-edb4-49c9-b593-d223f7449a82 commit 82171f503600c8fa89e298a7b3ae76710d4be44d Author: Tonya Mork <[email protected]> Date: Wed Sep 18 15:02:14 2024 +0000 Code Modernization: Fix implicitly nullable parameter in WP_HTML_Processor. PHP 8.4 deprecates implicitly nullable parameters, i.e. typed parameters with a `null` default value, which are not explicitly declared as nullable. This commit the one instance of this in the `WP_HTML_Processor` class. Fixed by adding the nullability operator to the type, which is supported since PHP 7.1, so we can use it now the minimum supported PHP version is PHP 7.2. As this deprecation is thrown at compile time, it can be seen at the top of the test output when running on PHP 8.4 (which will be gone once this change has been committed). It is not possible to write a test to cover this. Ref: https://wiki.php.net/rfc/deprecate-implicitly-nullable-types Follow-up to [58867], [58769], [58304], [58192]. Props jrf. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59053 602fd350-edb4-49c9-b593-d223f7449a82 commit 8fc4a000fceb64668e7d3962d01f32d8cdc2c82e Author: Tonya Mork <[email protected]> Date: Wed Sep 18 14:53:32 2024 +0000 Tests: Fix implicitly nullable parameters in Tests_HtmlApi_WpHtmlProcessorComments. PHP 8.4 deprecates implicitly nullable parameters, i.e. typed parameters with a `null` default value, which are not explicitly declared as nullable. The `Tests_HtmlApi_WpHtmlProcessorComments` test class contains one problematic parameter in the `test_comment_processing()` method declaration. While this could be fixed by adding the nullability operator, the type declarations in the test method is removed instead, including other type declarations for this method and the second test method, which were not affected by the deprecation. The reason for this is quite straight-forward: using type declarations in tests is bad practice and inhibits defense-in-depth type testing. Using type declarations in tests prevents being able to test the "code under test" with unexpected input types as the values with unexpected (scalar) types will be juggled to the expected type between the data provider and the test method and the _real_ data value would therefore never reach the method under test. The knock-on effects of this are: * That the input handling of the "code under test" can not be safeguarded, whether this input handling is done via in-function type checking or via a type declaration in the "code under test". * That if such "unexpected data type" tests are added to the data provider, they will silently pass (due to the type being juggled before reaching the "code under test"), giving a false sense of security, while in actual fact, these data sets would not be testing anything at all and if, for instance, the type declaration in the "code under test" would be removed, these tests would still pass, while by rights they should start failing. Also note that this problem would only be exacerbated if the file would be put under `strict_types`. Ref: https://wiki.php.net/rfc/deprecate-implicitly-nullable-types Follow-up to [58734]. Props jrf. See #62061. git-svn-id: https://develop.svn.wordpress.org/trunk@59052 602fd350-edb4-49c9-b593-d223f7449a82 commit 91f8e77b3e19dde884cd6a32a8799e8c71db9e92 Author: Sergey Biryukov <[email protected]> Date: Wed Sep 18 14:22:27 2024 +0000 Script Loader: Restore `user-profile.js` dependencies after an accidental revert. Follow-up to [59033], [59046], [59047]. Props TobiasBg. See #61754. git-svn-id: https://develop.svn.wordpress.org/trunk@59051 602fd350-edb4-49c9-b593-d223f7449a82 commit d8e05446b7d109f8b3c48cbeebf6241d3f6e3946 Author: Drew Jaynes <[email protected]> Date: Wed Sep 18 06:02:15 2024 +0000 Docs: Add missing @since and @param annotations for the `edit_post_{$field}` hook doc. Props mukesh27 See #50654 git-svn-id: https://develop.svn.wordpress.org/trunk@59050 602fd350-edb4-49c9-b593-d223f7449a82 commit a6166f143444b48eb7250de76a5b8eeee3a7ee34 Author: Jonathan Desrosiers <[email protected]> Date: Wed Sep 18 05:42:16 2024 +0000 Build/Test Tools: Submit host test results for each PHP version. The WordPress Hosting Test Results now supports multiple reports for the same commit from the same test bot. This updates the PHPUnit test workflow to submit results for each version of PHP running the tests. Props swissspidy, jorbin, crixu, kirasong, desrosj. See #61564. git-svn-id: https://develop.svn.wordpress.org/trunk@59049 602fd350-edb4-49c9-b593-d223f7449a82 commit 52d46a9cb3d808340f2d7b35a0120354bf8ecaf2 Author: ramonopoly <[email protected]> Date: Wed Sep 18 05:17:05 2024 +0000 Global Styles: allow read access to users with `edit_posts` capabilities This patch any role that can edit a post, including custom post types, or edit theme options to read global styles from the API. This enables read-only access to global styles in the post editor. Test coverage in included. Props ramonopoly, peterwilsoncc, mukesh27, aaronrobertshaw, mamaduka, spacedmonkey, talldanwp, timothyblynjacobs. Fixes #62042. git-svn-id: https://develop.svn.wordpress.org/trunk@59048 602fd350-edb4-49c9-b593-d223f7449a82 commit 6693c25c8a786925d16c466694d35c0ea3764e67 Author: David Baumwald <[email protected]> Date: Wed Sep 18 00:46:43 2024 +0000 Script Loader: Revert removing unused array_merge. Code is poetry, until it isn’t. Unprops davidbaumwald. See #61754. git-svn-id: https://develop.svn.wordpress.org/trunk@59047 602fd350-edb4-49c9-b593-d223f7449a82 commit 5d0753bb6e7c29adc8e6171ee21338cb5ade297b Author: Jeremy Felt <[email protected]> Date: Wed Sep 18 00:12:52 2024 +0000 Application Passwords: Add copy button when adding new password. Props circlecube, dhruvang21, ironprogrammer, desrosj. Fixes #62019. git-svn-id: https://develop.svn.wordpress.org/trunk@59046 602fd350-edb4-49c9-b593-d223f7449a82 commit b0809808e21827e4f6d0325695f37b67211067d5 Author: Drew Jaynes <[email protected]> Date: Wed Sep 18 00:00:08 2024 +0000 Docs: Add possible filter names to the hook docs for the following filters in `sanitize_post_field()`: - `edit_{$field}` - `{$field_no_prefix}_edit_pre` - `edit_post_{$field}` - `pre_{$field}` - `{$field_no_prefix}_save_pre` - `pre_post_{$field}` - `{$field}_pre` - `{$field}` - `post_{$field}` Props johnbillion, DrewAPicture. Fixes #50654 git-svn-id: https://develop.svn.wordpress.org/trunk@59045 602fd350-edb4-49c9-b593-d223f7449a82 commit e9bb88d8c2da2c5ea1831ecbd7909ae19ba29708 Author: Aaron Jorbin <[email protected]> Date: Tue Sep 17 23:56:10 2024 +0000 Bootstrap/Load: Add documentation warning about updating `$table_prefix`. Props bjerke-johannessen, swissspidy, SergeyBiryukov, morganestes, stevenlinx, jorbin. Fixes #34189. git-svn-id: https://develop.svn.wordpress.org/trunk@59044 602fd350-edb4-49c9-b593-d223f7449a82 commit 36f6f6450175e9b5e2213aa9c4e44eb6e10f18c8 Author: Helen Hou-Sandi <[email protected]> Date: Tue Sep 17 23:48:26 2024 +0000 Bootstrap/Load: Give more context and warning about editing compat.php. As indicated by name, this is a compatibility file which warrants more care to begin with, but it's still worth warning folks about how narrow function availability is in this file. Props jorbin, dmsnell, helen. See #61694. git-svn-id: https://develop.svn.wordpress.org/trunk@59043 602fd350-edb4-49c9-b593-d223f7449a82 commit 8f6ec896348f83e63fa239f376d5010b85d24794 Author: Adam Silverstein <[email protected]> Date: Tue Sep 17 23:26:22 2024 +0000 Media: improve speed of AVIF image generation. Set the AVIF encoder to work faster by raising heic:speed to 7 from the default of 5. AVIF generation time is reduced by up to 20% with minimal impact on image size. Props: adamsilverstein, erikyo, mukesh27, yguyon, felixarntz, jzern. Fixes #61758. git-svn-id: https://develop.svn.wordpress.org/trunk@59042 602fd350-edb4-49c9-b593-d223f7449a82 commit f9aeb0bdc14b251b7f1497771ce34fdeea7578a4 Author: Joe Dolson <[email protected]> Date: Tue Sep 17 23:26:03 2024 +0000 Accessibility: Add border around menus and submenus in high contrast mode. Add outlines and borders to mark the boundaries between the admin navigation menu and content and around adminbar submenus that are visible when Windows High Contrast Mode is enabled. This clarifies the page structure and makes high contrast mode easier to use. Props wildworks, hbhalodia, sabernhardt, joedolson, rcreators. Fixes #61616. git-svn-id: https://develop.svn.wordpress.org/trunk@59041 602fd350-edb4-49c9-b593-d223f7449a82 commit 71c69dad2e05fd51c508b1311805083943dc5398 Author: K. Adam White <[email protected]> Date: Tue Sep 17 23:22:43 2024 +0000 REST API: Allow posts to be published with a publication date of midnight 1970-01-01. Explicitly checks date parsing return values for `false`, so that `0` (the value returned for the UNIX epoch of `1970-01-01 00:00:00`) is correctly treated as a valid timestamp. It should be valid to create a post dated to any point in history. Props emmanuel78, sabernhardt, siliconforks, drjosh07, antpb, TimothyBlynJacobs. Fixes #60184. git-svn-id: https://develop.svn.wordpress.org/trunk@59040 602fd350-edb4-49c9-b593-d223f7449a82 commit c1520f3684dcd4647ef789b2f47aa4850a4ce871 Author: Aaron Jorbin <[email protected]> Date: Tue Sep 17 22:39:58 2024 +0000 Bootstrap/Load: Ensure uses of set_time_limit are documented why. `set_time_limit` can cause unexpected behavior so it general should be avoided. There are instances though where they should be used so those instances should be properly documented. Props Rcrayno, ryan, kurtpayne, jorbin. Fixes #21521. See #19487. git-svn-id: https://develop.svn.wordpress.org/trunk@59039 602fd350-edb4-49c9-b593-d223f7449a82 commit 3cd3a00c76102913590ade96a44003deb01664c3 Author: Timothy Jacobs <[email protected]> Date: Tue Sep 17 22:25:03 2024 +0000 Build Tools: Allow easier customization of the .env file. The .env file allows for configuring how the WordPress Local environment should be configured. However, because the file is version controlled, developers must be careful not to commit their modifications. This commit renames the .env file to be .env.example. During env start, the .env.example file is copied to .env if it does not exist. This allows for contributors to continue using the project without thinking about .env and to make changes when needed. This brings WordPress Core into the dotenv project guidelines. Props johnbillion, afragen, h71, desrosj. Fixes #52668. git-svn-id: https://develop.svn.wordpress.org/trunk@59038 602fd350-edb4-49c9-b593-d223f7449a82 commit 98a9f6481afe3dc764f0ca5bb4f108cefe7203e0 Author: Anthony Burchell <[email protected]> Date: Tue Sep 17 22:24:43 2024 +0000 Coding Standards: Avoid using confusing `!` condition in Media Library selection check. Checks that value is now equal or less than or equal to 0 which has the same result as the previous confusing `!` usage. Props kadamwhite, drjosh07. See #60369. git-svn-id: https://develop.svn.wordpress.org/trunk@59037 602fd350-edb4-49c9-b593-d223f7449a82 commit 15b7d2a86885a6c83b520277f97b1debe31048fb Author: K. Adam White <[email protected]> Date: Tue Sep 17 22:17:41 2024 +0000 REST API: Only check password value in query parameters while checking post permissions. The `password` property which gets sent as part of a request POST body while setting a post's password should not be checked when calculating post visibility permissions. That value in the request body is intended to update the post, not to authenticate, and may be malformed or an invalid non-string type which would cause a fatal when checking against the hashed post password value. Query parameter `?password=` values are the correct interface to check, and are also guaranteed to be strings. Props mlf20, devansh016, antonvlasenko, TimothyBlynJacobs, kadamwhite. Fixes #61837. git-svn-id: https://develop.svn.wordpress.org/trunk@59036 602fd350-edb4-49c9-b593-d223f7449a82 commit d3d02c44ebdddc11b5c53b6fc6938e801b3d41f8 Author: Anthony Burchell <[email protected]> Date: Tue Sep 17 21:56:43 2024 +0000 Media: Add Ctrl/Command + Enter shortcut to insert selected Media Library items. Adds a Ctrl/Command + Enter keyboard shortcut to insert the currently selected single media or multiple media items when selecting in the Media Library modal. Props poena, hirschferkel, antpb, joedolson, skobe, rcreators, plaidharper. Fixes #60369. git-svn-id: https://develop.svn.wordpress.org/trunk@59035 602fd350-edb4-49c9-b593-d223f7449a82 commit a9d76fab5641acdd3724a25989979cc51f22b953 Author: Felix Arntz <[email protected]> Date: Tue Sep 17 21:56:18 2024 +0000 REST API: Support exact search in the REST API posts endpoint. This changeset adds support for a new `search_semantics` enum query parameter that can be passed alongside the `search` string parameter. At this point, it only supports "exact" as possible value, but an enum is used for forward compatibility with potential enhancements like "sentence" search support. If `search_semantics=exact` is passed, it will look for an exact match rather than do a full text search, which for some use-cases is more appropriate and more performant. Props mehulkaklotar, timothyblynjacobs, jimmyh61, ironprogrammer, johnregan3, mukesh27, costdev. Fixes #56350. git-svn-id: https://develop.svn.wordpress.org/trunk@59034 602fd350-edb4-49c9-b593-d223f7449a82 commit af0437b080a1c512816883728bde9a75f70081bf Author: David Baumwald <[email protected]> Date: Tue Sep 17 21:52:54 2024 +0000 Script Loader: Remove unused array_merge. This change removes an unused `array_merge` that was added in [44265]. Props kkmuffme, SergeyBiryukov, akshat2802. Fixes #61754. git-svn-id: https://develop.svn.wordpress.org/trunk@59033 602fd350-edb4-49c9-b593-d223f7449a82 commit 7b8e4451f4d28102585bdf9573ce0fb193a917f9 Author: Timothy Jacobs <[email protected]> Date: Tue Sep 17 21:50:38 2024 +0000 REST API: Automatically populate targetHints for the Allow header. The REST API uses the "Allow" header to communicate what methods a user is authorized to perform on a resource. This works great when operating on a single item route, but can break down when needing to determine authorization over a collection of items. This commit uses the "targetHints" property of JSON Hyper Schema to provide access to the "allow" header for "self" links. This alleviates needing to make a separate network request for each item in a collection. Props mamaduka, noisysocks, peterwilsoncc, spacedmonkey, swissspidy, timothyblynjacobs, tyxla, youknowriad. Fixes #61739. git-svn-id: https://develop.svn.wordpress.org/trunk@59032 602fd350-edb4-49c9-b593-d223f7449a82 commit f79ad14e03162fe7c82bc63bc8137fa974ed87cc Author: John Blackbourn <[email protected]> Date: Tue Sep 17 21:31:14 2024 +0000 Plugins: Correct the item schema for the plugins REST API endpoint. The `author` property contains the string name of the plugin author. Props narenin. Fixes #61920 git-svn-id: https://develop.svn.wordpress.org/trunk@59031 602fd350-edb4-49c9-b593-d223f7449a82 commit cdd137e9977ee7a2c276e462b61d55c8cb60a58e Author: Jonathan Desrosiers <[email protected]> Date: Tue Sep 17 21:06:30 2024 +0000 External Libraries: Update PHPass library. This updates the PHPass library to version `0.5.4` while maintaining the adjustments introduced in [30466]. Props jrf. Fixes #62058. git-svn-id: https://develop.svn.wordpress.org/trunk@59030 602fd350-edb4-49c9-b593-d223f7449a82 commit 70c7962fee55cd10ffb2ab35c19c7d78359bef07 Author: Pascal Birchler <[email protected]> Date: Tue Sep 17 20:56:03 2024 +0000 I18N: Add a new way to determine whether a translation is available. A new `has_translation()` function can be used to determine whether a translation exists for a given string. Props louiswol94, swissspidy, drzraf, ckanitz, tomhine, mchirag2002, samuelsilvapt. Fixes #52696. git-svn-id: https://develop.svn.wordpress.org/trunk@59029 602fd350-edb4-49c9-b593-d223f7449a82 commit 4dafd584c91524f0cfd743f728d5f334df761e11 Author: Felix Arntz <[email protected]> Date: Tue Sep 17 16:58:10 2024 +0000 Taxonomy: Remove redundant `$taxonomies` value from cache keys used for `WP_Term_Query`. Props niravsherasiya7707, spacedmonkey. Fixes #59594. See #35381. git-svn-id: https://develop.svn.wordpress.org/trunk@59028 602fd350-edb4-49c9-b593-d223f7449a82 commit 7dad836c7ff293879da0cdcce98472b5d85d3708 Author: Sergey Biryukov <[email protected]> Date: Tue Sep 17 00:01:09 2024 +0000 General: Add missing `initial-scale` value in viewport meta tags. The viewport meta should include `initial-scale=1.0` to ensure that high DPI/mobile display works as expected. References: * [https://css-tricks.com/probably-use-initial-scale1/ CSS-Tricks: Probably Use initial-scale=1] * [https://www.sitepoint.com/community/t/is-it-necessary-to-include-initial-scale-1-0-in-the-meta-viewport-tag/455119 SitePoint Forums: Is it necessary to include initial-scale=1.0 in the meta viewport tag?] Follow-up to [59026]. Props dhruvang21, sabernhardt, kkmuffme, mukesh27, narenin, swissspidy, SergeyBiryukov. Fixes #61988. git-svn-id: https://develop.svn.wordpress.org/trunk@59027 602fd350-edb4-49c9-b593-d223f7449a82 commit 8b8fb62a066e34862a8bb30498d1e1b5e18290f0 Author: Sergey Biryukov <[email protected]> Date: Mon Sep 16 22:16:46 2024 +0000 Bundled Themes: Add missing `initial-scale` value in viewport meta tag. The viewport meta should include `initial-scale=1.0` to ensure that high DPI/mobile display works as expected. Includes standardizing on `1.0` vs. `1` for consistency. References: * [https://css-tricks.com/probably-use-initial-scale1/ CSS-Tricks: Probably Use initial-scale=1] * [https://www.sitepoint.com/community/t/is-it-necessary-to-include-initial-scale-1-0-in-the-meta-viewport-tag/455119 SitePoint Forums: Is it necessary to include initial-scale=1.0 in the meta viewport tag?] Props dhruvang21, sabernhardt, kkmuffme, mukesh27, swissspidy, SergeyBiryukov. See #61988. git-svn-id: https://develop.svn.wordpress.org/trunk@59026 602fd350-edb4-49c9-b593-d223f7449a82 commit ca64c851f7d73a48fa19a5d54467d45fc66a1098 Author: Dennis Snell <[email protected]> Date: Mon Sep 16 20:15:17 2024 +0000 HTML API: Update html5lib test runner to support new features. This patch updates the html5lib test runner following the merge of changes opening up a full HTML parser and additional fragment contents. It makes no Core code changes, but allows a more tests to complete which previously failed due to incomplete test runner support.. Developed in https://github.com/wordpress/wordpress-develop/pull/7346 Discussed in https://core.trac.wordpress.org/ticket/61646 Props jonsurrell. See #61646. git-svn-id: https://develop.svn.wordpress.org/trunk@59025 602fd350-edb4-49c9-b593-d223f7449a82 commit 1637791aefdfa2a5169c5b81175655a7c540fcfa Author: Dennis Snell <[email protected]> Date: Mon Sep 16 17:54:08 2024 +0000 HTML API: Prevent infinite loop in foreign content reprocessing step. An infinite loop was discovered in specific situations within foreign content inside the HTML Processor when a given node inside foreign content must be handled in the rules for the current insertion mode. This patch resolves the loop by handling those nodes directly instead of reprocessing the node, which previously was redirecting control flow back to where the loop started. Developed in https://github.com/wordpress/wordpress-develop/7347 Discussed in https://core.trac.wordpress.org/ticket/61656 Follow-up to [58868]. Props jonsurrell. See #61576. git-svn-id: https://develop.svn.wordpress.org/trunk@59024 602fd350-edb4-49c9-b593-d223f7449a82 commit d2ce8ddbe026ce33115c1bb6e60d3efbb96fa6ed Author: Greg Ziółkowski <[email protected]> Date: Mon Sep 16 11:31:17 2024 +0000 Meta: Add label argument to register_meta function With the introduction of Block Bindings, it became more common to see workflows where users need t…
HTML often appears in ways that are unexpected. It may be missing implicit tags, may have unquoted, single-quoted, or double-quoted attributes, may contain duplicate attributes, may contain unescaped text content, or any number of other possible invalid constructions. The HTML API understands all fo these inputs, but downline parsers may not, and HTML snippets which are safe on their own may introduce problems when joined with other HTML snippets. This patch introduces the `serialize()` method on the HTML Processor, which prints a fully-normative HTML output, eliminating invalid markup along the way. It produces a string which contains every missing tag, double-quoted attributes, and no duplicates. A `normalize()` static method on the HTML Processor provides a convenient wrapper for constructing a fragment parser and immediately serializing. Subclasses relying on the `serialize_token()` method may perform structural HTML modifications with as much security as the upcoming `\Dom\HTMLDocument()` parser will, though these are not able to provide the full safety that will eventually appear with `set_inner_html()`. Further work may explore serializing to XML (which involves a number of other important transformations) and adding constraints to serialization (such as only allowing inline/flow/formatting elements and text). Developed in WordPress#7331 Discussed in https://core.trac.wordpress.org/ticket/62036 Props dmsnell, jonsurrell, westonruter. Fixes #62036. git-svn-id: https://develop.svn.wordpress.org/trunk@59076 602fd350-edb4-49c9-b593-d223f7449a82
Trac ticket: Core-62036.
See also dmsnell#20
See also dmsnell#21
The HTML Processor understands HTML regardless of how it's written, but
many other functions are unable to do so. There are all sorts of syntax
peculiarities and semantics that would be helpful to eliminate using the
knowledge contained in the HTML Processor.
This patch introduces
WP_HTML_Processor::normalize( $html )
as amethod which takes a fragment of HTML as input and then returns a
serialized version of the input, "cleaning it up" by balancing all
tags, providing all missing optional tags, re-encoding all text,
removing all duplicate attributes, and double-quote-escaping all
attribute values.