Merge pull request #774 from Automattic/3.0/fix/613-remove-batcache-s…

…niff
Automattic · Aug 24, 2023 · a7006ed · a7006ed
2 parents b1018cb + 0b15294
commit a7006ed
Show file tree

Hide file tree

Showing 8 changed files with 11 additions and 178 deletions.
diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc
@@ -56,8 +56,8 @@ $x = sanitize_key( $_COOKIE['bar'] ); // phpcs:ignore WordPress.Security.Validat
 if ( isset( $_SERVER['HTTP_USER_AGENT'] ) && $_SERVER['HTTP_USER_AGENT'] === 'some_value' ) { // Error.
 }
 
-
-
+// Make sure nonce verification is done in global scope to silence notices about use of superglobals without later on in the file.
+isset( $_GET['my_nonce'] ) && wp_verify_nonce( sanitize_text_field( $_GET['my_nonce'] ) );
 
 // WordPress.WP.AlternativeFunctions.file_system_read_fopen
 fopen( 'file.txt', 'r' ); // Warning + Message.
@@ -80,7 +80,7 @@ function foo_bar() {
 }
 
 // WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
-do_something( $_POST ); // Error.
+do_something( $_POST['key'] ); // Error + warning.
 if ( isset( $_POST['foo2'] ) ) {
 	bar( wp_unslash( $_POST['foo2'] ) ); // Warning.
 }
@@ -279,10 +279,10 @@ $args( [
 $query = new WP_Query( ['meta_key' => 'foo' ] ); // Ok.
 $args = 'foo=bar&meta_key=foo'; // Ok.
 
-// WordPressVIPMinimum.Performance.BatcacheWhitelistedParams
-if ( isset( $_GET['migSource'] ) && wp_verify_nonce( sanitize_text_field( $_GET['migSource'] ) ) ) {
-	$test = sanitize_text_field( $_GET['migSource'] ); // Ok.
-}
+
+
+
+
 
 
 

diff --git a/WordPress-VIP-Go/ruleset-test.php b/WordPress-VIP-Go/ruleset-test.php
@@ -134,6 +134,7 @@
 		47  => 1,
 		63  => 1,
 		66  => 1,
+		83  => 1,
 		85  => 1,
 		90  => 1,
 		94  => 1,

diff --git a/WordPress-VIP-Go/ruleset.xml b/WordPress-VIP-Go/ruleset.xml
@@ -243,10 +243,6 @@
 		<!-- We are silencing this one because VIP Go has a combined index on meta_key, meta_value-->
 		<severity>0</severity>
 	</rule>
-	<rule ref="WordPressVIPMinimum.Performance.BatcacheWhitelistedParams">
-		<!-- We are silencing this one because VIP Go does not use Batcache-->
-		<severity>0</severity>
-	</rule>
 	<rule ref="Generic.PHP.DisallowShortOpenTag.EchoFound">
 		<severity>0</severity>
 	</rule>

diff --git a/WordPressVIPMinimum/Sniffs/Performance/BatcacheWhitelistedParamsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/BatcacheWhitelistedParamsSniff.php
diff --git a/WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.inc b/WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.inc
diff --git a/WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.php b/WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.php
diff --git a/WordPressVIPMinimum/ruleset-test.inc b/WordPressVIPMinimum/ruleset-test.inc
@@ -442,9 +442,9 @@ add_filter( 'robots_txt', function() { // Warning.
 	return 'test';
 } );
 
-// WordPressVIPMinimum.Performance.BatcacheWhitelistedParams
-// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated
-$test = sanitize_text_field( $_GET["utm_medium"] ); // Warning.
+
+
+
 
 // WordPressVIPMinimum.Performance.CacheValueOverride
 $bad_wp_users = wp_cache_get( md5( self::CACHE_KEY . '_wp_users'), self::CACHE_GROUP );

diff --git a/WordPressVIPMinimum/ruleset-test.php b/WordPressVIPMinimum/ruleset-test.php
@@ -272,7 +272,6 @@
 		439 => 1,
 		440 => 1,
 		441 => 1,
-		447 => 1,
 		454 => 1,
 		457 => 1,
 		458 => 1,