[wp-trac] [WordPress Trac] #35032: Shiny plugin updates fails if slug has special characters
WordPress Trac
noreply at wordpress.org
Mon Dec 14 16:48:40 UTC 2015
#35032: Shiny plugin updates fails if slug has special characters
-------------------------------------+------------------------------
Reporter: khag7 | Owner: adamsilverstein
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+------------------------------
Comment (by khag7):
@adamsilverstein I installed the plugin you shared. Updates are failing if
the value of the data-slug attribute contains special characters. This is
because the shiny-updates.js as well as the default wordpress admin script
updates.js are both making use of the value in the data-slug attribute as
a jQuery selector string without escaping it first. jQuery selector
strings with special characters have to prefix the special char with a \\
before it can be used in the string. If shiny-updates.js and the core
admin script updates.js were changed to let the jQuery handle special
characters, it might work.
That would involve doing something like `slug =
slug.replace(/([^A-Za-z0-9_\-])/g,"\\$1" )` throughout the js anywhere a
slug is used in a jQuery selector string.
At that point, the jQuery wouldn't throw a syntax error.
Even if that does work, not sure that it will make a difference in the way
that the server handles the ajax request and returns a response. I haven't
looked at the code of your plugin in depth. But even if it can handle it,
I think the patch I submitted which removes the special characters before
they ever show up in the HTML is a better option than having to fix all
the javascript to handle the special chars.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35032#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list