Privacy: Don't replace comment author URL and email with anything.

Props TZ-Media, desrosj, birgire. Fixes #44141. git-svn-id: https://develop.svn.wordpress.org/trunk@43467 602fd350-edb4-49c9-b593-d223f7449a82
2018-07-17 08:59:30 +00:00 · 2018-07-17 08:59:30 +00:00 · b33deaf1b5
commit b33deaf1b5
parent 6c8c2aeaf9
3 changed files with 48 additions and 10 deletions
--- a/src/wp-includes/comment.php
+++ b/src/wp-includes/comment.php
@ -3440,6 +3440,7 @@ function wp_comments_personal_data_eraser( $email_address, $page = 1 ) {
 		)
 	);

+	/* translators: Name of a comment's author after being anonymized. */
 	$anon_author = __( 'Anonymous' );
 	$messages    = array();

@ -3447,9 +3448,9 @@ function wp_comments_personal_data_eraser( $email_address, $page = 1 ) {
 		$anonymized_comment                         = array();
 		$anonymized_comment['comment_agent']        = '';
 		$anonymized_comment['comment_author']       = $anon_author;
-		$anonymized_comment['comment_author_email'] = wp_privacy_anonymize_data( 'email', $comment->comment_author_email );
+		$anonymized_comment['comment_author_email'] = '';
 		$anonymized_comment['comment_author_IP']    = wp_privacy_anonymize_data( 'ip', $comment->comment_author_IP );
-		$anonymized_comment['comment_author_url']   = wp_privacy_anonymize_data( 'url', $comment->comment_author_url );
+		$anonymized_comment['comment_author_url']   = '';
 		$anonymized_comment['user_id']              = 0;

 		$comment_id = (int) $comment->comment_ID;
--- a/tests/phpunit/tests/comment.php
+++ b/tests/phpunit/tests/comment.php
@ -815,6 +815,7 @@ class Tests_Comment extends WP_UnitTestCase {
 	/**
 	 * The `wp_comments_personal_data_eraser()` function should erase user's comments.
 	 *
+	 * @group privacy
 	 * @ticket 43442
 	 */
 	public function test_wp_comments_personal_data_eraser() {
@ -856,8 +857,8 @@ class Tests_Comment extends WP_UnitTestCase {
 			'comment_ID'           => (string) $comment_id,
 			'user_id'              => '0', // Anonymized.
 			'comment_author'       => 'Anonymous', // Anonymized.
-			'comment_author_email' => 'deleted@site.invalid', // Anonymized.
-			'comment_author_url'   => 'https://site.invalid', // Anonymized.
+			'comment_author_email' => '', // Anonymized.
+			'comment_author_url'   => '', // Anonymized.
 			'comment_author_IP'    => '192.168.0.0', // Anonymized.
 			'comment_date'         => '2018-04-14 17:20:00',
 			'comment_date_gmt'     => '2018-04-14 17:20:00',
@ -871,6 +872,7 @@ class Tests_Comment extends WP_UnitTestCase {
 	/**
 	 * Testing the `wp_comments_personal_data_eraser()` function's output on an empty first page.
 	 *
+	 * @group privacy
 	 * @ticket 43442
 	 */
 	public function test_wp_comments_personal_data_eraser_empty_first_page_output() {
@ -889,6 +891,7 @@ class Tests_Comment extends WP_UnitTestCase {
 	/**
 	 * Testing the `wp_comments_personal_data_eraser()` function's output, for the non-empty first page.
 	 *
+	 * @group privacy
 	 * @ticket 43442
 	 */
 	public function test_wp_comments_personal_data_eraser_non_empty_first_page_output() {
@ -920,6 +923,7 @@ class Tests_Comment extends WP_UnitTestCase {
 	/**
 	 * Testing the `wp_comments_personal_data_eraser()` function's output, for an empty second page.
 	 *
+	 * @group privacy
 	 * @ticket 43442
 	 */
 	public function test_wp_comments_personal_data_eraser_empty_second_page_output() {
@ -951,6 +955,7 @@ class Tests_Comment extends WP_UnitTestCase {
 	/**
 	 * Testing the `wp_anonymize_comment` filter, to prevent comment anonymization.
 	 *
+	 * @group privacy
 	 * @ticket 43442
 	 */
 	public function test_wp_anonymize_comment_filter_to_prevent_comment_anonymization() {
@ -987,6 +992,7 @@ class Tests_Comment extends WP_UnitTestCase {
 	/**
 	 * Testing the `wp_anonymize_comment` filter, to prevent comment anonymization, with a custom message.
 	 *
+	 * @group privacy
 	 * @ticket 43442
 	 */
 	public function test_wp_anonymize_comment_filter_to_prevent_comment_anonymization_with_custom_message() {
--- a/tests/phpunit/tests/functions/anonymization.php
+++ b/tests/phpunit/tests/functions/anonymization.php
@ -2,9 +2,9 @@
 /**
 * Test anonymization functions.
 *
- * @package WordPress
+ * @package WordPress\UnitTests
 *
- * @since 5.0.0
+ * @since 4.9.6
 */

 /**
@ -13,7 +13,7 @@
 * @group functions.php
 * @group privacy
 *
- * @since 5.0.0
+ * @since 4.9.6
 */
 class Tests_Functions_Anonymization extends WP_UnitTestCase {
 	/**
@ -42,7 +42,7 @@ class Tests_Functions_Anonymization extends WP_UnitTestCase {
 	/**
 	 * Provide test cases for `test_wp_privacy_anonymize_ip()`.
 	 *
-	 * @since 5.0.0 Moved from `Test_WP_Community_Events::data_get_unsafe_client_ip_anonymization()`.
+	 * @since 4.9.6 Moved from `Test_WP_Community_Events::data_get_unsafe_client_ip_anonymization()`.
 	 *
 	 * @return array {
 	 *     @type array {
@ -212,14 +212,14 @@ class Tests_Functions_Anonymization extends WP_UnitTestCase {
 	 * Test email anonymization of `wp_privacy_anonymize_data()`.
 	 */
 	public function test_anonymize_email() {
-		$this->assertEquals( 'deleted@site.invalid', wp_privacy_anonymize_data( 'email', 'bar@example.com' ) );
+		$this->assertSame( '', wp_privacy_anonymize_data( 'email', 'bar@example.com' ) );
 	}

 	/**
 	 * Test url anonymization of `wp_privacy_anonymize_data()`.
 	 */
 	public function test_anonymize_url() {
-		$this->assertEquals( 'https://site.invalid', wp_privacy_anonymize_data( 'url', 'https://example.com/author/username' ) );
+		$this->assertSame( '', wp_privacy_anonymize_data( 'url', 'https://example.com/author/username' ) );
 	}

 	/**
@ -244,4 +244,35 @@ class Tests_Functions_Anonymization extends WP_UnitTestCase {
 		$text = __( 'Four score and seven years ago' );
 		$this->assertEquals( 'This content was deleted by the author.', wp_privacy_anonymize_data( 'longtext', $text ) );
 	}
+
+	/**
+	 * Test text anonymization when a filter is added.
+	 *
+	 * @ticket 44141
+	 */
+	public function test_anonymize_with_filter() {
+		add_filter( 'wp_privacy_anonymize_data', array( $this, 'filter_wp_privacy_anonymize_data' ), 10, 3 );
+		$actual_url   = wp_privacy_anonymize_data( 'url', 'https://example.com/author/username' );
+		remove_filter( 'wp_privacy_anonymize_data', array( $this, 'filter_wp_privacy_anonymize_data' ), 10 );
+
+		$this->assertSame( 'http://local.host/why-this-was-removed', $actual_url );
+	}
+
+	/**
+	 * Change the anonymized value for URLs.
+	 *
+	 * @since 4.9.8
+	 *
+	 * @param string  $anonymous Anonymized data.
+	 * @param string  $type      Type of the data.
+	 * @param string  $data      Original data.
+	 * @return string $anonymous Anonymized data.
+	 */
+	public function filter_wp_privacy_anonymize_data( $anonymous, $type, $data ) {
+		if ( 'url' === $type && 'example.com' === parse_url( $data, PHP_URL_HOST ) ) {
+			return 'http://local.host/why-this-was-removed';
+		}
+		return $anonymous;
+	}
+
 }