General: Remove noreferrer
from wp_targeted_link_rel()
and other uses.
When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time. Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core. Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel. Fixes #49558. git-svn-id: https://develop.svn.wordpress.org/trunk@49215 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
ffbde71040
commit
2a8dae456d
@ -730,7 +730,7 @@ class WP_Site_Health {
|
|||||||
)
|
)
|
||||||
),
|
),
|
||||||
'actions' => sprintf(
|
'actions' => sprintf(
|
||||||
'<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
'<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
||||||
esc_url( wp_get_update_php_url() ),
|
esc_url( wp_get_update_php_url() ),
|
||||||
__( 'Learn more about updating PHP' ),
|
__( 'Learn more about updating PHP' ),
|
||||||
/* translators: Accessibility text. */
|
/* translators: Accessibility text. */
|
||||||
@ -842,7 +842,7 @@ class WP_Site_Health {
|
|||||||
__( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ),
|
__( 'The WordPress Hosting Team maintains a list of those modules, both recommended and required, in <a href="%1$s" %2$s>the team handbook%3$s</a>.' ),
|
||||||
/* translators: Localized team handbook, if one exists. */
|
/* translators: Localized team handbook, if one exists. */
|
||||||
esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ),
|
esc_url( __( 'https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions' ) ),
|
||||||
'target="_blank" rel="noopener noreferrer"',
|
'target="_blank" rel="noopener"',
|
||||||
sprintf(
|
sprintf(
|
||||||
' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>',
|
' <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span>',
|
||||||
/* translators: Accessibility text. */
|
/* translators: Accessibility text. */
|
||||||
@ -1159,7 +1159,7 @@ class WP_Site_Health {
|
|||||||
__( 'The SQL server is a required piece of software for the database WordPress uses to store all your site’s content and settings.' )
|
__( 'The SQL server is a required piece of software for the database WordPress uses to store all your site’s content and settings.' )
|
||||||
),
|
),
|
||||||
'actions' => sprintf(
|
'actions' => sprintf(
|
||||||
'<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
'<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
||||||
/* translators: Localized version of WordPress requirements if one exists. */
|
/* translators: Localized version of WordPress requirements if one exists. */
|
||||||
esc_url( __( 'https://wordpress.org/about/requirements/' ) ),
|
esc_url( __( 'https://wordpress.org/about/requirements/' ) ),
|
||||||
__( 'Learn more about what WordPress requires to run.' ),
|
__( 'Learn more about what WordPress requires to run.' ),
|
||||||
@ -1396,7 +1396,7 @@ class WP_Site_Health {
|
|||||||
);
|
);
|
||||||
|
|
||||||
$result['actions'] = sprintf(
|
$result['actions'] = sprintf(
|
||||||
'<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
'<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
||||||
/* translators: Localized Support reference. */
|
/* translators: Localized Support reference. */
|
||||||
esc_url( __( 'https://wordpress.org/support' ) ),
|
esc_url( __( 'https://wordpress.org/support' ) ),
|
||||||
__( 'Get help resolving this issue.' ),
|
__( 'Get help resolving this issue.' ),
|
||||||
@ -1434,7 +1434,7 @@ class WP_Site_Health {
|
|||||||
__( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' )
|
__( 'Debug mode is often enabled to gather more details about an error or site failure, but may contain sensitive information which should not be available on a publicly available website.' )
|
||||||
),
|
),
|
||||||
'actions' => sprintf(
|
'actions' => sprintf(
|
||||||
'<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
'<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
||||||
/* translators: Documentation explaining debugging in WordPress. */
|
/* translators: Documentation explaining debugging in WordPress. */
|
||||||
esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ),
|
esc_url( __( 'https://wordpress.org/support/article/debugging-in-wordpress/' ) ),
|
||||||
__( 'Learn more about debugging in WordPress.' ),
|
__( 'Learn more about debugging in WordPress.' ),
|
||||||
@ -1503,7 +1503,7 @@ class WP_Site_Health {
|
|||||||
__( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' )
|
__( 'An HTTPS connection is a more secure way of browsing the web. Many services now have HTTPS as a requirement. HTTPS allows you to take advantage of new features that can increase site speed, improve search rankings, and gain the trust of your visitors by helping to protect their online privacy.' )
|
||||||
),
|
),
|
||||||
'actions' => sprintf(
|
'actions' => sprintf(
|
||||||
'<p><a href="%s" target="_blank" rel="noopener noreferrer">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
'<p><a href="%s" target="_blank" rel="noopener">%s <span class="screen-reader-text">%s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
|
||||||
/* translators: Documentation explaining HTTPS and why it should be used. */
|
/* translators: Documentation explaining HTTPS and why it should be used. */
|
||||||
esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ),
|
esc_url( __( 'https://wordpress.org/support/article/why-should-i-use-https/' ) ),
|
||||||
__( 'Learn more about why you should use HTTPS' ),
|
__( 'Learn more about why you should use HTTPS' ),
|
||||||
|
@ -1761,7 +1761,7 @@ function wp_dashboard_php_nag() {
|
|||||||
<p class="button-container">
|
<p class="button-container">
|
||||||
<?php
|
<?php
|
||||||
printf(
|
printf(
|
||||||
'<a class="button button-primary" href="%1$s" target="_blank" rel="noopener noreferrer">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>',
|
'<a class="button button-primary" href="%1$s" target="_blank" rel="noopener">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>',
|
||||||
esc_url( wp_get_update_php_url() ),
|
esc_url( wp_get_update_php_url() ),
|
||||||
__( 'Learn more about updating PHP' ),
|
__( 'Learn more about updating PHP' ),
|
||||||
/* translators: Accessibility text. */
|
/* translators: Accessibility text. */
|
||||||
|
@ -3216,7 +3216,7 @@ function edit_form_image_editor( $post ) {
|
|||||||
/* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */
|
/* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */
|
||||||
__( '<a href="%1$s" %2$s>Describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ),
|
__( '<a href="%1$s" %2$s>Describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ),
|
||||||
esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ),
|
esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ),
|
||||||
'target="_blank" rel="noopener noreferrer"',
|
'target="_blank" rel="noopener"',
|
||||||
sprintf(
|
sprintf(
|
||||||
'<span class="screen-reader-text"> %s</span>',
|
'<span class="screen-reader-text"> %s</span>',
|
||||||
/* translators: Accessibility text. */
|
/* translators: Accessibility text. */
|
||||||
|
@ -173,7 +173,7 @@ class Walker_Nav_Menu extends Walker {
|
|||||||
$atts['title'] = ! empty( $item->attr_title ) ? $item->attr_title : '';
|
$atts['title'] = ! empty( $item->attr_title ) ? $item->attr_title : '';
|
||||||
$atts['target'] = ! empty( $item->target ) ? $item->target : '';
|
$atts['target'] = ! empty( $item->target ) ? $item->target : '';
|
||||||
if ( '_blank' === $item->target && empty( $item->xfn ) ) {
|
if ( '_blank' === $item->target && empty( $item->xfn ) ) {
|
||||||
$atts['rel'] = 'noopener noreferrer';
|
$atts['rel'] = 'noopener';
|
||||||
} else {
|
} else {
|
||||||
$atts['rel'] = $item->xfn;
|
$atts['rel'] = $item->xfn;
|
||||||
}
|
}
|
||||||
|
@ -3647,7 +3647,7 @@ function wp_comments_personal_data_exporter( $email_address, $page = 1 ) {
|
|||||||
case 'comment_link':
|
case 'comment_link':
|
||||||
$value = get_comment_link( $comment->comment_ID );
|
$value = get_comment_link( $comment->comment_ID );
|
||||||
$value = sprintf(
|
$value = sprintf(
|
||||||
'<a href="%s" target="_blank" rel="noreferrer noopener">%s</a>',
|
'<a href="%s" target="_blank" rel="noopener">%s</a>',
|
||||||
esc_url( $value ),
|
esc_url( $value ),
|
||||||
esc_html( $value )
|
esc_html( $value )
|
||||||
);
|
);
|
||||||
|
@ -3153,9 +3153,10 @@ function wp_rel_ugc( $text ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Adds rel noreferrer and noopener to all HTML A elements that have a target.
|
* Adds `rel="noopener"` to all HTML A elements that have a target.
|
||||||
*
|
*
|
||||||
* @since 5.1.0
|
* @since 5.1.0
|
||||||
|
* @since 5.6.0 Removed 'noreferrer' relationship.
|
||||||
*
|
*
|
||||||
* @param string $text Content that may contain HTML A elements.
|
* @param string $text Content that may contain HTML A elements.
|
||||||
* @return string Converted content.
|
* @return string Converted content.
|
||||||
@ -3188,15 +3189,15 @@ function wp_targeted_link_rel( $text ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Callback to add rel="noreferrer noopener" string to HTML A element.
|
* Callback to add `rel="noopener"` string to HTML A element.
|
||||||
*
|
*
|
||||||
* Will not duplicate existing noreferrer and noopener values
|
* Will not duplicate an existing 'noopener' value to avoid invalidating the HTML.
|
||||||
* to prevent from invalidating the HTML.
|
|
||||||
*
|
*
|
||||||
* @since 5.1.0
|
* @since 5.1.0
|
||||||
|
* @since 5.6.0 Removed 'noreferrer' relationship.
|
||||||
*
|
*
|
||||||
* @param array $matches Single Match
|
* @param array $matches Single match.
|
||||||
* @return string HTML A Element with rel noreferrer noopener in addition to any existing values
|
* @return string HTML A Element with `rel="noopener"` in addition to any existing values.
|
||||||
*/
|
*/
|
||||||
function wp_targeted_link_rel_callback( $matches ) {
|
function wp_targeted_link_rel_callback( $matches ) {
|
||||||
$link_html = $matches[1];
|
$link_html = $matches[1];
|
||||||
@ -3219,7 +3220,7 @@ function wp_targeted_link_rel_callback( $matches ) {
|
|||||||
* @param string $rel The rel values.
|
* @param string $rel The rel values.
|
||||||
* @param string $link_html The matched content of the link tag including all HTML attributes.
|
* @param string $link_html The matched content of the link tag including all HTML attributes.
|
||||||
*/
|
*/
|
||||||
$rel = apply_filters( 'wp_targeted_link_rel', 'noopener noreferrer', $link_html );
|
$rel = apply_filters( 'wp_targeted_link_rel', 'noopener', $link_html );
|
||||||
|
|
||||||
// Return early if no rel values to be added or if no actual target attribute.
|
// Return early if no rel values to be added or if no actual target attribute.
|
||||||
if ( ! $rel || ! isset( $atts['target'] ) ) {
|
if ( ! $rel || ! isset( $atts['target'] ) ) {
|
||||||
|
@ -7540,7 +7540,7 @@ function wp_direct_php_update_button() {
|
|||||||
|
|
||||||
echo '<p class="button-container">';
|
echo '<p class="button-container">';
|
||||||
printf(
|
printf(
|
||||||
'<a class="button button-primary" href="%1$s" target="_blank" rel="noopener noreferrer">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>',
|
'<a class="button button-primary" href="%1$s" target="_blank" rel="noopener">%2$s <span class="screen-reader-text">%3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a>',
|
||||||
esc_url( $direct_update_url ),
|
esc_url( $direct_update_url ),
|
||||||
__( 'Update PHP' ),
|
__( 'Update PHP' ),
|
||||||
/* translators: Accessibility text. */
|
/* translators: Accessibility text. */
|
||||||
|
@ -160,7 +160,7 @@ function wp_print_media_templates() {
|
|||||||
/* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */
|
/* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */
|
||||||
__( '<a href="%1$s" %2$s>Describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ),
|
__( '<a href="%1$s" %2$s>Describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ),
|
||||||
esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ),
|
esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ),
|
||||||
'target="_blank" rel="noopener noreferrer"',
|
'target="_blank" rel="noopener"',
|
||||||
sprintf(
|
sprintf(
|
||||||
'<span class="screen-reader-text"> %s</span>',
|
'<span class="screen-reader-text"> %s</span>',
|
||||||
/* translators: Accessibility text. */
|
/* translators: Accessibility text. */
|
||||||
|
@ -146,7 +146,7 @@ class WP_Widget_Custom_HTML extends WP_Widget {
|
|||||||
/** This filter is documented in wp-includes/widgets/class-wp-widget-text.php */
|
/** This filter is documented in wp-includes/widgets/class-wp-widget-text.php */
|
||||||
$content = apply_filters( 'widget_text', $instance['content'], $simulated_text_widget_instance, $this );
|
$content = apply_filters( 'widget_text', $instance['content'], $simulated_text_widget_instance, $this );
|
||||||
|
|
||||||
// Adds noreferrer and noopener relationships, without duplicating values, to all HTML A elements that have a target.
|
// Adds 'noopener' relationship, without duplicating values, to all HTML A elements that have a target.
|
||||||
$content = wp_targeted_link_rel( $content );
|
$content = wp_targeted_link_rel( $content );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -331,7 +331,7 @@ class WP_Widget_Text extends WP_Widget {
|
|||||||
|
|
||||||
$text = preg_replace_callback( '#<(video|iframe|object|embed)\s[^>]*>#i', array( $this, 'inject_video_max_width_style' ), $text );
|
$text = preg_replace_callback( '#<(video|iframe|object|embed)\s[^>]*>#i', array( $this, 'inject_video_max_width_style' ), $text );
|
||||||
|
|
||||||
// Adds noreferrer and noopener relationships, without duplicating values, to all HTML A elements that have a target.
|
// Adds 'noopener' relationship, without duplicating values, to all HTML A elements that have a target.
|
||||||
$text = wp_targeted_link_rel( $text );
|
$text = wp_targeted_link_rel( $text );
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
@ -689,7 +689,7 @@ switch ( $action ) {
|
|||||||
$accessibility_text = sprintf( '<span class="screen-reader-text"> %s</span>', __( '(opens in a new tab)' ) );
|
$accessibility_text = sprintf( '<span class="screen-reader-text"> %s</span>', __( '(opens in a new tab)' ) );
|
||||||
|
|
||||||
printf(
|
printf(
|
||||||
'<a href="%s" rel="noopener noreferrer" target="_blank">%s%s</a>',
|
'<a href="%s" rel="noopener" target="_blank">%s%s</a>',
|
||||||
esc_url( $admin_email_help_url ),
|
esc_url( $admin_email_help_url ),
|
||||||
__( 'Why is this important?' ),
|
__( 'Why is this important?' ),
|
||||||
$accessibility_text
|
$accessibility_text
|
||||||
@ -1540,7 +1540,7 @@ switch ( $action ) {
|
|||||||
for ( i in links ) {
|
for ( i in links ) {
|
||||||
if ( links[i].href ) {
|
if ( links[i].href ) {
|
||||||
links[i].target = '_blank';
|
links[i].target = '_blank';
|
||||||
links[i].rel = 'noreferrer noopener';
|
links[i].rel = 'noopener';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch( er ) {}
|
} catch( er ) {}
|
||||||
|
@ -8,61 +8,61 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
|
|||||||
|
|
||||||
public function test_add_to_links_with_target_blank() {
|
public function test_add_to_links_with_target_blank() {
|
||||||
$content = '<p>Links: <a href="/" target="_blank">No rel</a></p>';
|
$content = '<p>Links: <a href="/" target="_blank">No rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">No rel</a></p>';
|
$expected = '<p>Links: <a href="/" target="_blank" rel="noopener">No rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_add_to_links_with_target_foo() {
|
public function test_add_to_links_with_target_foo() {
|
||||||
$content = '<p>Links: <a href="/" target="foo">No rel</a></p>';
|
$content = '<p>Links: <a href="/" target="foo">No rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" target="foo" rel="noopener noreferrer">No rel</a></p>';
|
$expected = '<p>Links: <a href="/" target="foo" rel="noopener">No rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_target_as_first_attribute() {
|
public function test_target_as_first_attribute() {
|
||||||
$content = '<p>Links: <a target="_blank" href="#">No rel</a></p>';
|
$content = '<p>Links: <a target="_blank" href="#">No rel</a></p>';
|
||||||
$expected = '<p>Links: <a target="_blank" href="#" rel="noopener noreferrer">No rel</a></p>';
|
$expected = '<p>Links: <a target="_blank" href="#" rel="noopener">No rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_add_to_existing_rel() {
|
public function test_add_to_existing_rel() {
|
||||||
$content = '<p>Links: <a href="/" rel="existing values" target="_blank">Existing rel</a></p>';
|
$content = '<p>Links: <a href="/" rel="existing values" target="_blank">Existing rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" rel="existing values noopener noreferrer" target="_blank">Existing rel</a></p>';
|
$expected = '<p>Links: <a href="/" rel="existing values noopener" target="_blank">Existing rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_no_duplicate_values_added() {
|
public function test_no_duplicate_values_added() {
|
||||||
$content = '<p>Links: <a href="/" rel="existing noopener values" target="_blank">Existing rel</a></p>';
|
$content = '<p>Links: <a href="/" rel="existing noopener values" target="_blank">Existing rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" rel="existing noopener values noreferrer" target="_blank">Existing rel</a></p>';
|
$expected = '<p>Links: <a href="/" rel="existing noopener values" target="_blank">Existing rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_rel_with_single_quote_delimiter() {
|
public function test_rel_with_single_quote_delimiter() {
|
||||||
$content = '<p>Links: <a href="/" rel=\'existing values\' target="_blank">Existing rel</a></p>';
|
$content = '<p>Links: <a href="/" rel=\'existing values\' target="_blank">Existing rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" rel="existing values noopener noreferrer" target="_blank">Existing rel</a></p>';
|
$expected = '<p>Links: <a href="/" rel="existing values noopener" target="_blank">Existing rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_rel_with_no_delimiter() {
|
public function test_rel_with_no_delimiter() {
|
||||||
$content = '<p>Links: <a href="/" rel=existing target="_blank">Existing rel</a></p>';
|
$content = '<p>Links: <a href="/" rel=existing target="_blank">Existing rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" rel="existing noopener noreferrer" target="_blank">Existing rel</a></p>';
|
$expected = '<p>Links: <a href="/" rel="existing noopener" target="_blank">Existing rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_rel_value_spaced_and_no_delimiter() {
|
public function test_rel_value_spaced_and_no_delimiter() {
|
||||||
$content = '<p>Links: <a href="/" rel = existing target="_blank">Existing rel</a></p>';
|
$content = '<p>Links: <a href="/" rel = existing target="_blank">Existing rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" rel="existing noopener noreferrer" target="_blank">Existing rel</a></p>';
|
$expected = '<p>Links: <a href="/" rel="existing noopener" target="_blank">Existing rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_escaped_quotes() {
|
public function test_escaped_quotes() {
|
||||||
$content = '<p>Links: <a href=\"/\" rel=\"existing values\" target=\"_blank\">Existing rel</a></p>';
|
$content = '<p>Links: <a href=\"/\" rel=\"existing values\" target=\"_blank\">Existing rel</a></p>';
|
||||||
$expected = '<p>Links: <a href=\"/\" rel=\"existing values noopener noreferrer\" target=\"_blank\">Existing rel</a></p>';
|
$expected = '<p>Links: <a href=\"/\" rel=\"existing values noopener\" target=\"_blank\">Existing rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_ignore_links_with_no_target() {
|
public function test_ignore_links_with_no_target() {
|
||||||
$content = '<p>Links: <a href="/" target="_blank">Change me</a> <a href="/">Do not change me</a></p>';
|
$content = '<p>Links: <a href="/" target="_blank">Change me</a> <a href="/">Do not change me</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">Change me</a> <a href="/">Do not change me</a></p>';
|
$expected = '<p>Links: <a href="/" target="_blank" rel="noopener">Change me</a> <a href="/">Do not change me</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -85,7 +85,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
|
|||||||
*/
|
*/
|
||||||
public function test_wp_targeted_link_rel_filters_run() {
|
public function test_wp_targeted_link_rel_filters_run() {
|
||||||
$content = '<p>Links: <a href="/" target="_blank">No rel</a></p>';
|
$content = '<p>Links: <a href="/" target="_blank">No rel</a></p>';
|
||||||
$expected = '<p>Links: <a href="/" target="_blank" rel="noopener noreferrer">No rel</a></p>';
|
$expected = '<p>Links: <a href="/" target="_blank" rel="noopener">No rel</a></p>';
|
||||||
|
|
||||||
$post = $this->factory()->post->create_and_get(
|
$post = $this->factory()->post->create_and_get(
|
||||||
array(
|
array(
|
||||||
@ -103,7 +103,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
|
|||||||
*/
|
*/
|
||||||
public function test_wp_targeted_link_rel_should_preserve_json() {
|
public function test_wp_targeted_link_rel_should_preserve_json() {
|
||||||
$content = '<p>Links: <a href=\"\/\" target=\"_blank\">No rel<\/a><\/p>';
|
$content = '<p>Links: <a href=\"\/\" target=\"_blank\">No rel<\/a><\/p>';
|
||||||
$expected = '<p>Links: <a href=\"\/\" target=\"_blank\" rel=\"noopener noreferrer\">No rel<\/a><\/p>';
|
$expected = '<p>Links: <a href=\"\/\" target=\"_blank\" rel=\"noopener\">No rel<\/a><\/p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -114,7 +114,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
|
|||||||
*/
|
*/
|
||||||
public function test_wp_targeted_link_rel_skips_style_and_scripts() {
|
public function test_wp_targeted_link_rel_skips_style_and_scripts() {
|
||||||
$content = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target=_blank>aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>';
|
$content = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target=_blank>aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>';
|
||||||
$expected = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target="_blank" rel="noopener noreferrer">aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>';
|
$expected = '<style><a href="/" target=a></style><p>Links: <script>console.log("<a href=\'/\' target=a>hi</a>");</script><script>alert(1);</script>here <a href="/" target="_blank" rel="noopener">aq</a></p><script>console.log("<a href=\'last\' target=\'_blank\'")</script>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -131,7 +131,7 @@ class Tests_Targeted_Link_Rel extends WP_UnitTestCase {
|
|||||||
|
|
||||||
public function test_wp_targeted_link_rel_tab_separated_values_are_split() {
|
public function test_wp_targeted_link_rel_tab_separated_values_are_split() {
|
||||||
$content = "<p>Links: <a href=\"/\" target=\"_blank\" rel=\"ugc\t\tnoopener\t\">No rel</a></p>";
|
$content = "<p>Links: <a href=\"/\" target=\"_blank\" rel=\"ugc\t\tnoopener\t\">No rel</a></p>";
|
||||||
$expected = '<p>Links: <a href="/" target="_blank" rel="ugc noopener noreferrer">No rel</a></p>';
|
$expected = '<p>Links: <a href="/" target="_blank" rel="ugc noopener">No rel</a></p>';
|
||||||
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
$this->assertSame( $expected, wp_targeted_link_rel( $content ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -37,7 +37,7 @@ class Tests_Menu_Walker_Nav_Menu extends WP_UnitTestCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests when an item's target is _blank, that rel="noopener noreferrer" is added.
|
* Tests when an item's target is _blank, that rel="noopener" is added.
|
||||||
*
|
*
|
||||||
* @ticket 43290
|
* @ticket 43290
|
||||||
*/
|
*/
|
||||||
@ -64,7 +64,7 @@ class Tests_Menu_Walker_Nav_Menu extends WP_UnitTestCase {
|
|||||||
|
|
||||||
$this->walker->start_el( $expected, (object) $item, 0, (object) $args );
|
$this->walker->start_el( $expected, (object) $item, 0, (object) $args );
|
||||||
|
|
||||||
$this->assertSame( "<li id=\"menu-item-{$post_id}\" class=\"menu-item-{$post_id}\"><a target=\"_blank\" rel=\"noopener noreferrer\">{$post_title}</a>", $expected );
|
$this->assertSame( "<li id=\"menu-item-{$post_id}\" class=\"menu-item-{$post_id}\"><a target=\"_blank\" rel=\"noopener\">{$post_title}</a>", $expected );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -478,7 +478,7 @@ class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC
|
|||||||
),
|
),
|
||||||
array(
|
array(
|
||||||
'name' => 'Comment URL',
|
'name' => 'Comment URL',
|
||||||
'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
|
'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
'comment-3' => array(
|
'comment-3' => array(
|
||||||
@ -508,7 +508,7 @@ class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC
|
|||||||
),
|
),
|
||||||
array(
|
array(
|
||||||
'name' => 'Comment URL',
|
'name' => 'Comment URL',
|
||||||
'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-3" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-3</a>',
|
'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-3" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-3</a>',
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
@ -620,7 +620,7 @@ class Tests_Privacy_WpPrivacyGeneratePersonalDataExportFile extends WP_UnitTestC
|
|||||||
),
|
),
|
||||||
array(
|
array(
|
||||||
'name' => 'Comment URL',
|
'name' => 'Comment URL',
|
||||||
'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noreferrer noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
|
'value' => '<a href="http://localhost:8888/46894/2020/01/31/hello-world/#comment-2" target="_blank" rel="noopener">http://localhost:8888/46894/2020/01/31/hello-world/#comment-2</a>',
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
@ -1162,12 +1162,12 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control
|
|||||||
'rendered' => '<a href="#">link</a>',
|
'rendered' => '<a href="#">link</a>',
|
||||||
),
|
),
|
||||||
'description' => array(
|
'description' => array(
|
||||||
'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
|
'raw' => '<a href="#" target="_blank" rel="noopener">link</a>',
|
||||||
'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
|
'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
|
||||||
),
|
),
|
||||||
'caption' => array(
|
'caption' => array(
|
||||||
'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
|
'raw' => '<a href="#" target="_blank" rel="noopener">link</a>',
|
||||||
'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
|
'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
@ -3696,12 +3696,12 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
|
|||||||
'rendered' => '<a href="#">link</a>',
|
'rendered' => '<a href="#">link</a>',
|
||||||
),
|
),
|
||||||
'content' => array(
|
'content' => array(
|
||||||
'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
|
'raw' => '<a href="#" target="_blank" rel="noopener">link</a>',
|
||||||
'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
|
'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
|
||||||
),
|
),
|
||||||
'excerpt' => array(
|
'excerpt' => array(
|
||||||
'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
|
'raw' => '<a href="#" target="_blank" rel="noopener">link</a>',
|
||||||
'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
|
'rendered' => '<p><a href="#" target="_blank" rel="noopener">link</a></p>',
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
@ -304,7 +304,7 @@ class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Ensure that rel="noopener noreferrer" is added to links with a target.
|
* Ensure that rel="noopener" is added to links with a target.
|
||||||
*
|
*
|
||||||
* @ticket 46421
|
* @ticket 46421
|
||||||
*/
|
*/
|
||||||
@ -326,11 +326,11 @@ class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase {
|
|||||||
);
|
);
|
||||||
|
|
||||||
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
||||||
$this->assertContains( 'rel="noopener noreferrer"', $output );
|
$this->assertContains( 'rel="noopener"', $output );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Ensure that rel="noopener noreferrer" is not added to links without a target.
|
* Ensure that rel="noopener" is not added to links without a target.
|
||||||
*
|
*
|
||||||
* @ticket 46421
|
* @ticket 46421
|
||||||
*/
|
*/
|
||||||
@ -352,7 +352,7 @@ class Test_WP_Widget_Custom_HTML extends WP_UnitTestCase {
|
|||||||
);
|
);
|
||||||
|
|
||||||
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
||||||
$this->assertNotContains( 'rel="noopener noreferrer"', $output );
|
$this->assertNotContains( 'rel="noopener"', $output );
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -542,7 +542,7 @@ class Test_WP_Widget_Media_Image extends WP_UnitTestCase {
|
|||||||
|
|
||||||
$this->assertContains( '<a href="https://example.org"', $output );
|
$this->assertContains( '<a href="https://example.org"', $output );
|
||||||
$this->assertContains( 'target="_blank"', $output );
|
$this->assertContains( 'target="_blank"', $output );
|
||||||
$this->assertContains( 'rel="noopener noreferrer"', $output );
|
$this->assertContains( 'rel="noopener"', $output );
|
||||||
|
|
||||||
// Populate caption in attachment.
|
// Populate caption in attachment.
|
||||||
wp_update_post(
|
wp_update_post(
|
||||||
|
@ -1003,7 +1003,7 @@ class Test_WP_Widget_Text extends WP_UnitTestCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Ensure that rel="noopener noreferrer" is added to links with a target.
|
* Ensure that rel="noopener" is added to links with a target.
|
||||||
*
|
*
|
||||||
* @ticket 46421
|
* @ticket 46421
|
||||||
*/
|
*/
|
||||||
@ -1026,11 +1026,11 @@ class Test_WP_Widget_Text extends WP_UnitTestCase {
|
|||||||
|
|
||||||
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
||||||
|
|
||||||
$this->assertContains( 'rel="noopener noreferrer"', $output );
|
$this->assertContains( 'rel="noopener"', $output );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Ensure that rel="noopener noreferrer" is not added to links without a target.
|
* Ensure that rel="noopener" is not added to links without a target.
|
||||||
*
|
*
|
||||||
* @ticket 46421
|
* @ticket 46421
|
||||||
*/
|
*/
|
||||||
@ -1053,6 +1053,6 @@ class Test_WP_Widget_Text extends WP_UnitTestCase {
|
|||||||
|
|
||||||
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
$output = get_echo( array( $widget, 'widget' ), array( $args, $instance ) );
|
||||||
|
|
||||||
$this->assertNotContains( 'rel="noopener noreferrer"', $output );
|
$this->assertNotContains( 'rel="noopener"', $output );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1173,7 +1173,7 @@
|
|||||||
<span class="name">Alternative Text</span>
|
<span class="name">Alternative Text</span>
|
||||||
<input type="text" value="{{ data.alt }}" aria-describedby="alt-text-description" {{ maybeReadOnly }} />
|
<input type="text" value="{{ data.alt }}" aria-describedby="alt-text-description" {{ maybeReadOnly }} />
|
||||||
</label>
|
</label>
|
||||||
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
||||||
<# } #>
|
<# } #>
|
||||||
<label class="setting" data-setting="title">
|
<label class="setting" data-setting="title">
|
||||||
<span class="name">Title</span>
|
<span class="name">Title</span>
|
||||||
@ -1338,7 +1338,7 @@
|
|||||||
<span class="name">Alt Text</span>
|
<span class="name">Alt Text</span>
|
||||||
<input type="text" value="{{ data.alt }}" aria-describedby="alt-text-description" {{ maybeReadOnly }} />
|
<input type="text" value="{{ data.alt }}" aria-describedby="alt-text-description" {{ maybeReadOnly }} />
|
||||||
</label>
|
</label>
|
||||||
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
||||||
<# } #>
|
<# } #>
|
||||||
<label class="setting" data-setting="title">
|
<label class="setting" data-setting="title">
|
||||||
<span class="name">Title</span>
|
<span class="name">Title</span>
|
||||||
@ -1630,7 +1630,7 @@
|
|||||||
<span>Alternative Text</span>
|
<span>Alternative Text</span>
|
||||||
<input type="text" data-setting="alt" aria-describedby="alt-text-description" />
|
<input type="text" data-setting="alt" aria-describedby="alt-text-description" />
|
||||||
</label>
|
</label>
|
||||||
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
||||||
|
|
||||||
<label class="setting caption">
|
<label class="setting caption">
|
||||||
<span>Caption</span>
|
<span>Caption</span>
|
||||||
@ -1685,7 +1685,7 @@
|
|||||||
<span>Alternative Text</span>
|
<span>Alternative Text</span>
|
||||||
<input type="text" data-setting="alt" value="{{ data.model.alt }}" aria-describedby="alt-text-description" />
|
<input type="text" data-setting="alt" value="{{ data.model.alt }}" aria-describedby="alt-text-description" />
|
||||||
</label>
|
</label>
|
||||||
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener noreferrer">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
<p class="description" id="alt-text-description"><a href="https://www.w3.org/WAI/tutorials/images/decision-tree" target="_blank" rel="noopener">Describe the purpose of the image<span class="screen-reader-text"> (opens in a new tab)</span></a>. Leave empty if the image is purely decorative.</p>
|
||||||
|
|
||||||
<label class="setting caption">
|
<label class="setting caption">
|
||||||
<span>Caption</span>
|
<span>Caption</span>
|
||||||
|
Loading…
Reference in New Issue
Block a user