<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[50409] trunk: Security: move Content-Security-Policy script loaders.</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { white-space: pre-line; overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="https://core.trac.wordpress.org/changeset/50409">50409</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"https://core.trac.wordpress.org/changeset/50409","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>peterwilsoncc</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2021-02-23 01:58:21 +0000 (Tue, 23 Feb 2021)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>Security: move Content-Security-Policy script loaders.
Move `wp_get_script_tag()`, `wp_print_script_tag()`, `wp_print_inline_script_tag()` and `wp_get_inline_script_tag()` functions from `functions.php` to `script-loader.php`.
Relocate related tests to `dependencies` sub-directory.
Follow up to <a href="https://core.trac.wordpress.org/changeset/50167">[50167]</a>.
Props adamsilverstein, hellofromTonya, SergeyBiryukov.
Fixes <a href="https://core.trac.wordpress.org/ticket/39941">#39941</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunksrcwpincludesfunctionsphp">trunk/src/wp-includes/functions.php</a></li>
<li><a href="#trunksrcwpincludesscriptloaderphp">trunk/src/wp-includes/script-loader.php</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunktestsphpunittestsdependencieswpInlineScriptTagphp">trunk/tests/phpunit/tests/dependencies/wpInlineScriptTag.php</a></li>
<li><a href="#trunktestsphpunittestsdependencieswpSanitizeScriptAttributesphp">trunk/tests/phpunit/tests/dependencies/wpSanitizeScriptAttributes.php</a></li>
<li><a href="#trunktestsphpunittestsdependencieswpScriptTagphp">trunk/tests/phpunit/tests/dependencies/wpScriptTag.php</a></li>
</ul>
<h3>Removed Paths</h3>
<ul>
<li><a href="#trunktestsphpunittestsfunctionswpInlineScriptTagphp">trunk/tests/phpunit/tests/functions/wpInlineScriptTag.php</a></li>
<li><a href="#trunktestsphpunittestsfunctionswpSanitizeScriptAttributesphp">trunk/tests/phpunit/tests/functions/wpSanitizeScriptAttributes.php</a></li>
<li><a href="#trunktestsphpunittestsfunctionswpScriptTagphp">trunk/tests/phpunit/tests/functions/wpScriptTag.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunksrcwpincludesfunctionsphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/functions.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/functions.php 2021-02-22 23:21:56 UTC (rev 50408)
+++ trunk/src/wp-includes/functions.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -7866,123 +7866,3 @@
</span><span class="cx" style="display: block; padding: 0 10px"> function wp_fuzzy_number_match( $expected, $actual, $precision = 1 ) {
</span><span class="cx" style="display: block; padding: 0 10px"> return abs( (float) $expected - (float) $actual ) <= $precision;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-
-/**
- * Sanitizes an attributes array into an attributes string to be placed inside a `<script>` tag.
- *
- * Automatically injects type attribute if needed.
- * Used by {@see wp_get_script_tag()} and {@see wp_get_inline_script_tag()}.
- *
- * @since 5.7.0
- *
- * @param array $attributes Key-value pairs representing `<script>` tag attributes.
- * @return string String made of sanitized `<script>` tag attributes.
- */
-function wp_sanitize_script_attributes( $attributes ) {
- $html5_script_support = ! is_admin() && ! current_theme_supports( 'html5', 'script' );
- $attributes_string = '';
-
- // If HTML5 script tag is supported, only the attribute name is added
- // to $attributes_string for entries with a boolean value, and that are true.
- foreach ( $attributes as $attribute_name => $attribute_value ) {
- if ( is_bool( $attribute_value ) ) {
- if ( $attribute_value ) {
- $attributes_string .= $html5_script_support ? sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_name ) ) : ' ' . $attribute_name;
- }
- } else {
- $attributes_string .= sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_value ) );
- }
- }
-
- return $attributes_string;
-}
-
-/**
- * Formats `<script>` loader tags.
- *
- * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
- * Automatically injects type attribute if needed.
- *
- * @since 5.7.0
- *
- * @param array $attributes Key-value pairs representing `<script>` tag attributes.
- * @return string String containing `<script>` opening and closing tags.
- */
-function wp_get_script_tag( $attributes ) {
- if ( ! isset( $attributes['type'] ) && ! is_admin() && ! current_theme_supports( 'html5', 'script' ) ) {
- $attributes['type'] = 'text/javascript';
- }
- /**
- * Filters attributes to be added to a script tag.
- *
- * @since 5.7.0
- *
- * @param array $attributes Key-value pairs representing `<script>` tag attributes.
- * Only the attribute name is added to the `<script>` tag for
- * entries with a boolean value, and that are true.
- */
- $attributes = apply_filters( 'wp_script_attributes', $attributes );
-
- return sprintf( "<script%s></script>\n", wp_sanitize_script_attributes( $attributes ) );
-}
-
-/**
- * Prints formatted `<script>` loader tag.
- *
- * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
- * Automatically injects type attribute if needed.
- *
- * @since 5.7.0
- *
- * @param array $attributes Key-value pairs representing `<script>` tag attributes.
- */
-function wp_print_script_tag( $attributes ) {
- echo wp_get_script_tag( $attributes );
-}
-
-/**
- * Wraps inline JavaScript in `<script>` tag.
- *
- * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
- * Automatically injects type attribute if needed.
- *
- * @since 5.7.0
- *
- * @param string $javascript Inline JavaScript code.
- * @param array $attributes Optional. Key-value pairs representing `<script>` tag attributes.
- * @return string String containing inline JavaScript code wrapped around `<script>` tag.
- */
-function wp_get_inline_script_tag( $javascript, $attributes = array() ) {
- if ( ! isset( $attributes['type'] ) && ! is_admin() && ! current_theme_supports( 'html5', 'script' ) ) {
- $attributes['type'] = 'text/javascript';
- }
- /**
- * Filters attributes to be added to a script tag.
- *
- * @since 5.7.0
- *
- * @param array $attributes Key-value pairs representing `<script>` tag attributes.
- * Only the attribute name is added to the `<script>` tag for
- * entries with a boolean value, and that are true.
- */
- $attributes = apply_filters( 'wp_inline_script_attributes', $attributes, $javascript );
-
- $javascript = "\n" . trim( $javascript, "\n\r " ) . "\n";
-
- return sprintf( "<script%s>%s</script>\n", wp_sanitize_script_attributes( $attributes ), $javascript );
-}
-
-/**
- * Prints inline JavaScript wrapped in `<script>` tag.
- *
- * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
- * Automatically injects type attribute if needed.
- *
- * @since 5.7.0
- *
- * @param string $javascript Inline JavaScript code.
- * @param array $attributes Optional. Key-value pairs representing `<script>` tag attributes.
- */
-function wp_print_inline_script_tag( $javascript, $attributes = array() ) {
- echo wp_get_inline_script_tag( $javascript, $attributes );
-}
</del></span></pre></div>
<a id="trunksrcwpincludesscriptloaderphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/script-loader.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/script-loader.php 2021-02-22 23:21:56 UTC (rev 50408)
+++ trunk/src/wp-includes/script-loader.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2332,3 +2332,123 @@
</span><span class="cx" style="display: block; padding: 0 10px"> wp_enqueue_script( 'wp-block-directory' );
</span><span class="cx" style="display: block; padding: 0 10px"> wp_enqueue_style( 'wp-block-directory' );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+/**
+ * Sanitizes an attributes array into an attributes string to be placed inside a `<script>` tag.
+ *
+ * Automatically injects type attribute if needed.
+ * Used by {@see wp_get_script_tag()} and {@see wp_get_inline_script_tag()}.
+ *
+ * @since 5.7.0
+ *
+ * @param array $attributes Key-value pairs representing `<script>` tag attributes.
+ * @return string String made of sanitized `<script>` tag attributes.
+ */
+function wp_sanitize_script_attributes( $attributes ) {
+ $html5_script_support = ! is_admin() && ! current_theme_supports( 'html5', 'script' );
+ $attributes_string = '';
+
+ // If HTML5 script tag is supported, only the attribute name is added
+ // to $attributes_string for entries with a boolean value, and that are true.
+ foreach ( $attributes as $attribute_name => $attribute_value ) {
+ if ( is_bool( $attribute_value ) ) {
+ if ( $attribute_value ) {
+ $attributes_string .= $html5_script_support ? sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_name ) ) : ' ' . $attribute_name;
+ }
+ } else {
+ $attributes_string .= sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_value ) );
+ }
+ }
+
+ return $attributes_string;
+}
+
+/**
+ * Formats `<script>` loader tags.
+ *
+ * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
+ * Automatically injects type attribute if needed.
+ *
+ * @since 5.7.0
+ *
+ * @param array $attributes Key-value pairs representing `<script>` tag attributes.
+ * @return string String containing `<script>` opening and closing tags.
+ */
+function wp_get_script_tag( $attributes ) {
+ if ( ! isset( $attributes['type'] ) && ! is_admin() && ! current_theme_supports( 'html5', 'script' ) ) {
+ $attributes['type'] = 'text/javascript';
+ }
+ /**
+ * Filters attributes to be added to a script tag.
+ *
+ * @since 5.7.0
+ *
+ * @param array $attributes Key-value pairs representing `<script>` tag attributes.
+ * Only the attribute name is added to the `<script>` tag for
+ * entries with a boolean value, and that are true.
+ */
+ $attributes = apply_filters( 'wp_script_attributes', $attributes );
+
+ return sprintf( "<script%s></script>\n", wp_sanitize_script_attributes( $attributes ) );
+}
+
+/**
+ * Prints formatted `<script>` loader tag.
+ *
+ * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
+ * Automatically injects type attribute if needed.
+ *
+ * @since 5.7.0
+ *
+ * @param array $attributes Key-value pairs representing `<script>` tag attributes.
+ */
+function wp_print_script_tag( $attributes ) {
+ echo wp_get_script_tag( $attributes );
+}
+
+/**
+ * Wraps inline JavaScript in `<script>` tag.
+ *
+ * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
+ * Automatically injects type attribute if needed.
+ *
+ * @since 5.7.0
+ *
+ * @param string $javascript Inline JavaScript code.
+ * @param array $attributes Optional. Key-value pairs representing `<script>` tag attributes.
+ * @return string String containing inline JavaScript code wrapped around `<script>` tag.
+ */
+function wp_get_inline_script_tag( $javascript, $attributes = array() ) {
+ if ( ! isset( $attributes['type'] ) && ! is_admin() && ! current_theme_supports( 'html5', 'script' ) ) {
+ $attributes['type'] = 'text/javascript';
+ }
+ /**
+ * Filters attributes to be added to a script tag.
+ *
+ * @since 5.7.0
+ *
+ * @param array $attributes Key-value pairs representing `<script>` tag attributes.
+ * Only the attribute name is added to the `<script>` tag for
+ * entries with a boolean value, and that are true.
+ */
+ $attributes = apply_filters( 'wp_inline_script_attributes', $attributes, $javascript );
+
+ $javascript = "\n" . trim( $javascript, "\n\r " ) . "\n";
+
+ return sprintf( "<script%s>%s</script>\n", wp_sanitize_script_attributes( $attributes ), $javascript );
+}
+
+/**
+ * Prints inline JavaScript wrapped in `<script>` tag.
+ *
+ * It is possible to inject attributes in the `<script>` tag via the {@see 'wp_script_attributes'} filter.
+ * Automatically injects type attribute if needed.
+ *
+ * @since 5.7.0
+ *
+ * @param string $javascript Inline JavaScript code.
+ * @param array $attributes Optional. Key-value pairs representing `<script>` tag attributes.
+ */
+function wp_print_inline_script_tag( $javascript, $attributes = array() ) {
+ echo wp_get_inline_script_tag( $javascript, $attributes );
+}
</ins></span></pre></div>
<a id="trunktestsphpunittestsdependencieswpInlineScriptTagphpfromrev50408trunktestsphpunittestsfunctionswpInlineScriptTagphp"></a>
<div class="copfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Copied: trunk/tests/phpunit/tests/dependencies/wpInlineScriptTag.php (from rev 50408, trunk/tests/phpunit/tests/functions/wpInlineScriptTag.php)</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/dependencies/wpInlineScriptTag.php (rev 0)
+++ trunk/tests/phpunit/tests/dependencies/wpInlineScriptTag.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -0,0 +1,122 @@
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<?php
+
+/**
+ * Test wp_get_inline_script_tag() and wp_print_inline_script_tag().
+ *
+ * @group dependencies
+ * @group scripts
+ * @covers ::wp_get_inline_script_tag
+ * @covers ::wp_print_inline_script_tag
+ */
+class Tests_Functions_wpInlineScriptTag extends WP_UnitTestCase {
+
+ private $event_handler = <<<'JS'
+document.addEventListener( 'DOMContentLoaded', function () {
+ document.getElementById( 'elementID' )
+ .addEventListener( 'click', function( event ) {
+ event.preventDefault();
+ });
+});
+JS;
+
+ public function get_inline_script_tag_type_set() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ '<script type="application/javascript" nomodule>' . "\n{$this->event_handler}\n</script>\n",
+ wp_get_inline_script_tag(
+ $this->event_handler,
+ array(
+ 'type' => 'application/javascript',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+
+ $this->assertSame(
+ '<script type="application/javascript" nomodule>' . "\n{$this->event_handler}\n</script>\n",
+ wp_get_inline_script_tag(
+ $this->event_handler,
+ array(
+ 'type' => 'application/javascript',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+ }
+
+ public function test_get_inline_script_tag_type_not_set() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ "<script nomodule>\n{$this->event_handler}\n</script>\n",
+ wp_get_inline_script_tag(
+ $this->event_handler,
+ array(
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+ }
+
+ public function test_get_inline_script_tag_unescaped_src() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ "<script>\n{$this->event_handler}\n</script>\n",
+ wp_get_inline_script_tag( $this->event_handler )
+ );
+
+ remove_theme_support( 'html5' );
+ }
+
+ public function test_print_script_tag_prints_get_inline_script_tag() {
+ add_filter(
+ 'wp_inline_script_attributes',
+ function ( $attributes ) {
+ if ( isset( $attributes['id'] ) && 'utils-js-extra' === $attributes['id'] ) {
+ $attributes['async'] = true;
+ }
+ return $attributes;
+ }
+ );
+
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $attributes = array(
+ 'id' => 'utils-js-before',
+ 'nomodule' => true,
+ );
+
+ $this->assertSame(
+ wp_get_inline_script_tag( $this->event_handler, $attributes ),
+ get_echo(
+ 'wp_print_inline_script_tag',
+ array(
+ $this->event_handler,
+ $attributes,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+
+ $this->assertSame(
+ wp_get_inline_script_tag( $this->event_handler, $attributes ),
+ get_echo(
+ 'wp_print_inline_script_tag',
+ array(
+ $this->event_handler,
+ $attributes,
+ )
+ )
+ );
+ }
+}
</ins></span></pre></div>
<a id="trunktestsphpunittestsdependencieswpSanitizeScriptAttributesphpfromrev50408trunktestsphpunittestsfunctionswpSanitizeScriptAttributesphp"></a>
<div class="copfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Copied: trunk/tests/phpunit/tests/dependencies/wpSanitizeScriptAttributes.php (from rev 50408, trunk/tests/phpunit/tests/functions/wpSanitizeScriptAttributes.php)</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/dependencies/wpSanitizeScriptAttributes.php (rev 0)
+++ trunk/tests/phpunit/tests/dependencies/wpSanitizeScriptAttributes.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -0,0 +1,132 @@
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<?php
+
+/**
+ * Test wp_sanitize_script_attributes().
+ *
+ * @group dependencies
+ * @group scripts
+ * @covers ::wp_sanitize_script_attributes
+ */
+class Tests_Functions_wpSanitizeScriptAttributes extends WP_UnitTestCase {
+
+ function test_sanitize_script_attributes_type_set() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ ' type="application/javascript" src="https://DOMAIN.TLD/PATH/FILE.js" nomodule',
+ wp_sanitize_script_attributes(
+ array(
+ 'type' => 'application/javascript',
+ 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+
+ $this->assertSame(
+ ' src="https://DOMAIN.TLD/PATH/FILE.js" type="application/javascript" nomodule="nomodule"',
+ wp_sanitize_script_attributes(
+ array(
+ 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
+ 'type' => 'application/javascript',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+ }
+
+ function test_sanitize_script_attributes_type_not_set() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ ' src="https://DOMAIN.TLD/PATH/FILE.js" nomodule',
+ wp_sanitize_script_attributes(
+ array(
+ 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+
+ $this->assertSame(
+ ' src="https://DOMAIN.TLD/PATH/FILE.js" nomodule="nomodule"',
+ wp_sanitize_script_attributes(
+ array(
+ 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+ }
+
+
+ function test_sanitize_script_attributes_no_attributes() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ '',
+ wp_sanitize_script_attributes( array() )
+ );
+
+ remove_theme_support( 'html5' );
+ }
+
+ function test_sanitize_script_attributes_relative_src() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ ' src="PATH/FILE.js" nomodule',
+ wp_sanitize_script_attributes(
+ array(
+ 'src' => 'PATH/FILE.js',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+ }
+
+
+ function test_sanitize_script_attributes_only_false_boolean_attributes() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ '',
+ wp_sanitize_script_attributes(
+ array(
+ 'async' => false,
+ 'nomodule' => false,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+ }
+
+ function test_sanitize_script_attributes_only_true_boolean_attributes() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ ' async nomodule',
+ wp_sanitize_script_attributes(
+ array(
+ 'async' => true,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+ }
+
+}
</ins></span></pre></div>
<a id="trunktestsphpunittestsdependencieswpScriptTagphpfromrev50408trunktestsphpunittestsfunctionswpScriptTagphp"></a>
<div class="copfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Copied: trunk/tests/phpunit/tests/dependencies/wpScriptTag.php (from rev 50408, trunk/tests/phpunit/tests/functions/wpScriptTag.php)</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/dependencies/wpScriptTag.php (rev 0)
+++ trunk/tests/phpunit/tests/dependencies/wpScriptTag.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -0,0 +1,101 @@
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<?php
+
+/**
+ * Test wp_get_script_tag() and wp_print_script_tag().
+ *
+ * @group dependencies
+ * @group scripts
+ */
+class Tests_Functions_wpScriptTag extends WP_UnitTestCase {
+
+ function get_script_tag_type_set() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ '<script src="https://localhost/PATH/FILE.js" type="application/javascript" nomodule></script>' . "\n",
+ wp_get_script_tag(
+ array(
+ 'type' => 'application/javascript',
+ 'src' => 'https://localhost/PATH/FILE.js',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+
+ $this->assertSame(
+ '<script src="https://localhost/PATH/FILE.js" type="application/javascript" nomodule></script>' . "\n",
+ wp_get_script_tag(
+ array(
+ 'src' => 'https://localhost/PATH/FILE.js',
+ 'type' => 'application/javascript',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+ }
+
+ /**
+ * @covers ::wp_get_script_tag
+ */
+ function test_get_script_tag_type_not_set() {
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $this->assertSame(
+ '<script src="https://localhost/PATH/FILE.js" nomodule></script>' . "\n",
+ wp_get_script_tag(
+ array(
+ 'src' => 'https://localhost/PATH/FILE.js',
+ 'async' => false,
+ 'nomodule' => true,
+ )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+ }
+
+ /**
+ * @covers ::wp_print_script_tag
+ */
+ function test_print_script_tag_prints_get_script_tag() {
+ add_filter(
+ 'wp_script_attributes',
+ function ( $attributes ) {
+ if ( isset( $attributes['id'] ) && 'utils-js-extra' === $attributes['id'] ) {
+ $attributes['async'] = true;
+ }
+ return $attributes;
+ }
+ );
+
+ add_theme_support( 'html5', array( 'script' ) );
+
+ $attributes = array(
+ 'src' => 'https://localhost/PATH/FILE.js',
+ 'id' => 'utils-js-extra',
+ 'nomodule' => true,
+ );
+
+ $this->assertSame(
+ wp_get_script_tag( $attributes ),
+ get_echo(
+ 'wp_print_script_tag',
+ array( $attributes )
+ )
+ );
+
+ remove_theme_support( 'html5' );
+
+ $this->assertSame(
+ wp_get_script_tag( $attributes ),
+ get_echo(
+ 'wp_print_script_tag',
+ array( $attributes )
+ )
+ );
+ }
+}
</ins></span></pre></div>
<a id="trunktestsphpunittestsfunctionswpInlineScriptTagphp"></a>
<div class="delfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Deleted: trunk/tests/phpunit/tests/functions/wpInlineScriptTag.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/functions/wpInlineScriptTag.php 2021-02-22 23:21:56 UTC (rev 50408)
+++ trunk/tests/phpunit/tests/functions/wpInlineScriptTag.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1,119 +0,0 @@
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-<?php
-
-/**
- * Test wp_get_inline_script_tag() and wp_print_inline_script_tag().
- *
- * @group functions.php
- */
-class Tests_Functions_wpInlineScriptTag extends WP_UnitTestCase {
-
- private $event_handler = <<<'JS'
-document.addEventListener( 'DOMContentLoaded', function () {
- document.getElementById( 'elementID' )
- .addEventListener( 'click', function( event ) {
- event.preventDefault();
- });
-});
-JS;
-
- public function get_inline_script_tag_type_set() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- '<script type="application/javascript" nomodule>' . "\n{$this->event_handler}\n</script>\n",
- wp_get_inline_script_tag(
- $this->event_handler,
- array(
- 'type' => 'application/javascript',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
-
- $this->assertSame(
- '<script type="application/javascript" nomodule>' . "\n{$this->event_handler}\n</script>\n",
- wp_get_inline_script_tag(
- $this->event_handler,
- array(
- 'type' => 'application/javascript',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
- }
-
- public function test_get_inline_script_tag_type_not_set() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- "<script nomodule>\n{$this->event_handler}\n</script>\n",
- wp_get_inline_script_tag(
- $this->event_handler,
- array(
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
- }
-
- public function test_get_inline_script_tag_unescaped_src() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- "<script>\n{$this->event_handler}\n</script>\n",
- wp_get_inline_script_tag( $this->event_handler )
- );
-
- remove_theme_support( 'html5' );
- }
-
- public function test_print_script_tag_prints_get_inline_script_tag() {
- add_filter(
- 'wp_inline_script_attributes',
- function ( $attributes ) {
- if ( isset( $attributes['id'] ) && 'utils-js-extra' === $attributes['id'] ) {
- $attributes['async'] = true;
- }
- return $attributes;
- }
- );
-
- add_theme_support( 'html5', array( 'script' ) );
-
- $attributes = array(
- 'id' => 'utils-js-before',
- 'nomodule' => true,
- );
-
- $this->assertSame(
- wp_get_inline_script_tag( $this->event_handler, $attributes ),
- get_echo(
- 'wp_print_inline_script_tag',
- array(
- $this->event_handler,
- $attributes,
- )
- )
- );
-
- remove_theme_support( 'html5' );
-
- $this->assertSame(
- wp_get_inline_script_tag( $this->event_handler, $attributes ),
- get_echo(
- 'wp_print_inline_script_tag',
- array(
- $this->event_handler,
- $attributes,
- )
- )
- );
- }
-}
</del></span></pre></div>
<a id="trunktestsphpunittestsfunctionswpSanitizeScriptAttributesphp"></a>
<div class="delfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Deleted: trunk/tests/phpunit/tests/functions/wpSanitizeScriptAttributes.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/functions/wpSanitizeScriptAttributes.php 2021-02-22 23:21:56 UTC (rev 50408)
+++ trunk/tests/phpunit/tests/functions/wpSanitizeScriptAttributes.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1,130 +0,0 @@
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-<?php
-
-/**
- * Test wp_sanitize_script_attributes().
- *
- * @group functions.php
- */
-class Tests_Functions_wpSanitizeScriptAttributes extends WP_UnitTestCase {
-
- function test_sanitize_script_attributes_type_set() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- ' type="application/javascript" src="https://DOMAIN.TLD/PATH/FILE.js" nomodule',
- wp_sanitize_script_attributes(
- array(
- 'type' => 'application/javascript',
- 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
-
- $this->assertSame(
- ' src="https://DOMAIN.TLD/PATH/FILE.js" type="application/javascript" nomodule="nomodule"',
- wp_sanitize_script_attributes(
- array(
- 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
- 'type' => 'application/javascript',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
- }
-
- function test_sanitize_script_attributes_type_not_set() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- ' src="https://DOMAIN.TLD/PATH/FILE.js" nomodule',
- wp_sanitize_script_attributes(
- array(
- 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
-
- $this->assertSame(
- ' src="https://DOMAIN.TLD/PATH/FILE.js" nomodule="nomodule"',
- wp_sanitize_script_attributes(
- array(
- 'src' => 'https://DOMAIN.TLD/PATH/FILE.js',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
- }
-
-
- function test_sanitize_script_attributes_no_attributes() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- '',
- wp_sanitize_script_attributes( array() )
- );
-
- remove_theme_support( 'html5' );
- }
-
- function test_sanitize_script_attributes_relative_src() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- ' src="PATH/FILE.js" nomodule',
- wp_sanitize_script_attributes(
- array(
- 'src' => 'PATH/FILE.js',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
- }
-
-
- function test_sanitize_script_attributes_only_false_boolean_attributes() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- '',
- wp_sanitize_script_attributes(
- array(
- 'async' => false,
- 'nomodule' => false,
- )
- )
- );
-
- remove_theme_support( 'html5' );
- }
-
- function test_sanitize_script_attributes_only_true_boolean_attributes() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- ' async nomodule',
- wp_sanitize_script_attributes(
- array(
- 'async' => true,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
- }
-
-}
</del></span></pre></div>
<a id="trunktestsphpunittestsfunctionswpScriptTagphp"></a>
<div class="delfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Deleted: trunk/tests/phpunit/tests/functions/wpScriptTag.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/tests/functions/wpScriptTag.php 2021-02-22 23:21:56 UTC (rev 50408)
+++ trunk/tests/phpunit/tests/functions/wpScriptTag.php 2021-02-23 01:58:21 UTC (rev 50409)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1,94 +0,0 @@
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-<?php
-
-/**
- * Test wp_get_script_tag() and wp_print_script_tag().
- *
- * @group functions.php
- */
-class Tests_Functions_wpScriptTag extends WP_UnitTestCase {
-
- function get_script_tag_type_set() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- '<script src="https://localhost/PATH/FILE.js" type="application/javascript" nomodule></script>' . "\n",
- wp_get_script_tag(
- array(
- 'type' => 'application/javascript',
- 'src' => 'https://localhost/PATH/FILE.js',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
-
- $this->assertSame(
- '<script src="https://localhost/PATH/FILE.js" type="application/javascript" nomodule></script>' . "\n",
- wp_get_script_tag(
- array(
- 'src' => 'https://localhost/PATH/FILE.js',
- 'type' => 'application/javascript',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
- }
-
- function test_get_script_tag_type_not_set() {
- add_theme_support( 'html5', array( 'script' ) );
-
- $this->assertSame(
- '<script src="https://localhost/PATH/FILE.js" nomodule></script>' . "\n",
- wp_get_script_tag(
- array(
- 'src' => 'https://localhost/PATH/FILE.js',
- 'async' => false,
- 'nomodule' => true,
- )
- )
- );
-
- remove_theme_support( 'html5' );
- }
-
- function test_print_script_tag_prints_get_script_tag() {
- add_filter(
- 'wp_script_attributes',
- function ( $attributes ) {
- if ( isset( $attributes['id'] ) && 'utils-js-extra' === $attributes['id'] ) {
- $attributes['async'] = true;
- }
- return $attributes;
- }
- );
-
- add_theme_support( 'html5', array( 'script' ) );
-
- $attributes = array(
- 'src' => 'https://localhost/PATH/FILE.js',
- 'id' => 'utils-js-extra',
- 'nomodule' => true,
- );
-
- $this->assertSame(
- wp_get_script_tag( $attributes ),
- get_echo(
- 'wp_print_script_tag',
- array( $attributes )
- )
- );
-
- remove_theme_support( 'html5' );
-
- $this->assertSame(
- wp_get_script_tag( $attributes ),
- get_echo(
- 'wp_print_script_tag',
- array( $attributes )
- )
- );
- }
-}
</del></span></pre>
</div>
</div>
</body>
</html>