Escape comment author URL #44999

Merged
merged 1 commit into from
Oct 17, 2022
Conversation

zenaul
Contributor

@zenaul zenaul commented Oct 16, 2022

What?

Correctly escape $comment->comment_author_url URL

Why?

In 'wp-includes/blocks/avatar.php' on line 130, I've found that $comment->comment_author_url was used without escaping. I think we can improve it by escaping the URL for more consistency.

How?

Testing Instructions

  1. Open a Post or Page.
  2. Insert an Avatar Block.

Screenshots or screencast

@zenaul zenaul requested a review from ajitbohra as a code owner October 16, 2022 15:16
@github-actions github-actions bot added the label First-time Contributor (Pull request opened by a first-time contributor to Gutenberg repository) Oct 16, 2022
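
What the PR description asks for, escaping the comment author URL before it is written into markup, shown as an added example (not the code from avatar.php or from this PR). `demo_esc_url()`, `render_avatar_link()`, the markup and the sample URLs are assumptions constructed for illustration; in WordPress the function for escaping URLs on output is `esc_url()`.

```php
<?php
// Added illustration, not the Gutenberg source. demo_esc_url() is a hypothetical,
// simplified stand-in for WordPress's esc_url(); markup and samples are constructed.

// Allow only http/https URLs, then encode for use inside an HTML attribute.
function demo_esc_url( string $url ): string {
	$url    = trim( $url );
	$scheme = parse_url( $url, PHP_URL_SCHEME );
	if ( ! is_string( $scheme ) || ! in_array( strtolower( $scheme ), array( 'http', 'https' ), true ) ) {
		return ''; // Reject missing or unexpected schemes outright.
	}
	return htmlspecialchars( $url, ENT_QUOTES, 'UTF-8' );
}

// Render the avatar wrapped in a link to the comment author's URL.
function render_avatar_link( string $author_url, bool $escape ): string {
	$href = $escape ? demo_esc_url( $author_url ) : $author_url;
	$img  = '<img class="avatar" alt="">';
	if ( '' === $href ) {
		return $img; // No usable URL: output the avatar without a link.
	}
	return sprintf( '<a href="%s" class="avatar-link">%s</a>', $href, $img );
}

// Constructed sample values for a comment author URL.
$samples = array(
	'https://example.com/profile?id=1&tab=posts',
	'https://example.com/" title="injected',
	'javascript:void(0)',
);

foreach ( $samples as $url ) {
	echo 'raw:     ', render_avatar_link( $url, false ), PHP_EOL;
	echo 'escaped: ', render_avatar_link( $url, true ), PHP_EOL, PHP_EOL;
}
```

In the raw output the second sample closes the `href` attribute early and adds an attribute of its own, while the escaped output keeps the whole value inside `href`; the third sample is dropped because its scheme is not on the allow-list.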
@github-actions

👋 Thanks for your first Pull Request and for helping build the future of Gutenberg and WordPress, @zenaul! In case you missed it, we'd love to have you join us in our Slack community, where we hold regular weekly meetings open to anyone to coordinate with each other.

If you want to learn more about WordPress development in general, check out the Core Handbook full of helpful information.

@Mamaduka Mamaduka requested a review from cbravobernal October 17, 2022 13:12
Contributor

@alexstine alexstine left a comment

@zenaul Thanks for your PR.

This makes sense. LGTM.

@alexstine alexstine added the labels [Type] Code Quality (Issues or PRs that relate to code quality) and [Block] Avatar (Affects the Avatar Block) Oct 17, 2022
@cbravobernal cbravobernal added the labels Backport to WP 6.7 Beta/RC (Pull request that needs to be backported to the WordPress major release that's currently in beta) and [Type] Bug (An existing feature does not function as intended) Oct 17, 2022
@cbravobernal cbravobernal merged commit 571699b into WordPress:trunk Oct 17, 2022
@michalczaplinski
Contributor

I just cherry-picked this PR to the wp/6.1-rc-2 branch to get it included in the next release: 56c871a

@michalczaplinski michalczaplinski removed the label Backport to WP 6.7 Beta/RC (Pull request that needs to be backported to the WordPress major release that's currently in beta) Oct 18, 2022
markjaquith pushed a commit to markjaquith/WordPress that referenced this pull request Oct 18, 2022
Package updates for bug and regression fixes:
- `@wordpress/block-directory: 3.15.8`
- `@wordpress/block-editor: 10.0.7`
- `@wordpress/block-library: 7.14.8`
- `@wordpress/components: 21.0.6`
- `@wordpress/customize-widgets: 3.14.8`
- `@wordpress/edit-post: 6.14.8`
- `@wordpress/edit-site: 4.14.10`
- `@wordpress/edit-widgets: 4.14.8`
- `@wordpress/editor: 12.16.7`
- `@wordpress/format-library: 3.15.7`
- `@wordpress/interface: 4.16.6`
- `@wordpress/list-reusable-blocks: 3.15.6`
- `@wordpress/nux: 5.15.6`
- `@wordpress/preferences: 2.9.6`
- `@wordpress/reusable-blocks: 3.15.7`
- `@wordpress/server-side-render: 3.15.6`
- `@wordpress/widgets: 2.15.7`

Original PRs from Gutenberg repository:
- [WordPress/gutenberg#45041 #45041 Font Size Picker Hint: Fallback to font size `slug` if `name` is undefined]
- [WordPress/gutenberg#45045 #45045 Add: Missing output escaping on some blocks]
- [WordPress/gutenberg#44999 #44999 Escape comment author URL]
- [WordPress/gutenberg#44972 #44972 Navigator: restore focus only once per location]
- [WordPress/gutenberg#44858 #44858 Spacing Sizes Control: Try improving layout spacing]
- [WordPress/gutenberg#44878 #44878 Fix: Inspector is usable on the top level block even if it is content locked]
- [WordPress/gutenberg#44809 #44809 Fix list outdents on Enter in quote block]
- [WordPress/gutenberg#44864 #44864 List v2: fix selection when creating paragraph from empty list item]
- [WordPress/gutenberg#44853 #44853 Fix overflowing patterns]
- [WordPress/gutenberg#45050 #45050 Fix visibility of nested Group block appender]
- [WordPress/gutenberg#44887 #44887 wp-env: Use case insensitive regex when checking WP version string]

Follow-up to [54257], [54335], [54383], [54483], [54486], [54490].

Props bernhard-reiter, audrasjb.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54632


git-svn-id: http://core.svn.wordpress.org/trunk@54184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
github-actions bot pushed a commit to platformsh/wordpress-performance that referenced this pull request Oct 18, 2022
git-svn-id: https://core.svn.wordpress.org/trunk@54184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ootwch pushed a commit to ootwch/wordpress-develop that referenced this pull request Nov 4, 2022
git-svn-id: https://develop.svn.wordpress.org/trunk@54632 602fd350-edb4-49c9-b593-d223f7449a82