[wp-trac] [WordPress Trac] #33102: Shortcodes with Quoted Attributes Break Inside of Quoted HTML Attributes
WordPress Trac
noreply at wordpress.org
Thu Jul 23 16:21:07 UTC 2015
#33102: Shortcodes with Quoted Attributes Break Inside of Quoted HTML Attributes
--------------------------+-----------------------------
Reporter: cgrymala | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Shortcodes | Version: trunk
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Use Case:
You're trying to use a shortcode that accepts string attributes as the
value of an HTML element's attribute. For instance, you have a sample
shortcode that outputs a URL, and accepts a few string attributes. If the
quotes surrounding the HTML attribute match the quotes surrounding the
shortcode attributes, the shortcode is never processed.
Example:
`<a title="This is a test" href="/[currenturl sanitize=1
before="?ref="]">Testing some stuff.</a>`
In this example, assume there is a shortcode called currenturl that
accepts the `sanitize` and `before` parameters, where the `before`
parameter is a string argument, so it needs to be quoted in order to be
processed properly, and the shortcode returns the URL of the current page.
In this example, the processed code should look something like:
`<a title="This is a test"
href="/?ref=http%3A%2F%2Fwordpress.org%2F">Testing some stuff.</a>`
Instead, as of WordPress 4.2.3 and the latest nightly build, the output
looks like:
`<a title="This is a test" href="/[currenturl sanitize=1
before="?ref="]">Testing some stuff.</a>`
So far, this only seems to be related to the shortcode being inside of
HTML tags, and it only occurs when the HTML attribute's quote style is the
same as the shortcode attribute's quote style.
For instance, the following works just fine:
`<a title="This is a test" href="/[currenturl sanitize=1
before='?ref=']">Testing some stuff.</a>`
As does the following:
`<a title="This is a test" href='/[currenturl sanitize=1
before="?ref="]'>Testing some stuff.</a>`
The following two examples do not work, though:
`
<a title='This is a test' href='/[currenturl sanitize=1
before='?ref=']'>Testing some stuff.</a>
<a title="This is a test" href="/[currenturl sanitize=1
before="?ref="]">Testing some stuff.</a>
`
If you'd like to test it with a native WordPress shortcode (to prove that
it's not a plugin/theme thing), you can certainly test it with something
like:
`<a href="[gallery link="file" ids="9,10,11,12,13,14,15"]">Some stuff</a>`
Of course, we all know that that would output invalid (and really messy)
HTML if it was processed correctly, but it still illustrates the point.
In that specific example, when the shortcode is processed correctly within
that context, it returns an empty string, so that the output looks like:
`<a href="">Some stuff</a>`
However, in the current versions of WordPress, it outputs:
`<a href="[gallery link="file" ids="15,14,13,12,11,10,9"]">Some stuff</a>`
This has broken quite a few features on quite a few sites I'm working
with. At the moment, I am having to go through all of those sites and
manually edit the shortcodes to use single-quotes instead of the standard
double-quotes, just so that they don't clash with the quotes around the
HTML attributes.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33102>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list