[wp-trac] [WordPress Trac] #35032: Shiny plugin updates fails if slug has special characters
WordPress Trac
noreply at wordpress.org
Sat Dec 12 15:16:36 UTC 2015
#35032: Shiny plugin updates fails if slug has special characters
-------------------------------------+------------------------------
Reporter: khag7 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+------------------------------
Comment (by khag7):
The slugs provided by the WP plugin repo are all sanitized by the repo API
before they are returned.
WooThemes premium plugins have an API for updates which returns instead of
a sanitized plug, a string that is the filename of the plugin.
Example: WooCommerce Smart Coupons gets returned from the WooThemes API as
woocommerce-smart-coupons/woocommerce-smart-coupons.php
There are about 350 other WooThemes extensions that might all behave the
same way. I don't own all of them but I assume their API works
consistently in that manner.
On one hand, I think the burden should be on 3rd parties to make their
plugin update API service interact with WordPress in a way that is
functional. On the other hand, updates have always worked even when the
slug contains special characters, its just the shiny updates that are
broken. If we want to disallow special characters in plugin slugs then we
should do so consistently: we should prohibit regular updates from working
as well.
If you're looking to test and need a copy of a WooThemes plugin that does
this, I can provide. Alternatively, just for testing you could write a
filter on `site_transient_update_plugins` that adds special characters to
the plugin slugs stored there. The slug doesn't have to be "correct" for
updates to work, its just a string that is used as an HTML data attribute.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35032#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list