[wp-trac] [WordPress Trac] #52892: Privacy Export Personal Data: JSON encoding failure generates invalid JSON in export file

WordPress Trac noreply at wordpress.org
Tue Mar 23 19:16:45 UTC 2021 

#52892: Privacy Export Personal Data: JSON encoding failure generates invalid JSON
in export file
----------------------------+-----------------------------
 Reporter:  hellofromTonya  |      Owner:  (none)
     Type:  defect (bug)    |     Status:  new
 Priority:  normal          |  Milestone:  Awaiting Review
Component:  Privacy         |    Version:  5.4
 Severity:  normal          |   Keywords:
  Focuses:                  |
----------------------------+-----------------------------
 When exporting personal data, if the JSON encoding of the groups fails in
 `wp_privacy_generate_personal_data_export_file()`, invalid JSON is
 generated in the generated `export.json` file:


 {{{
 "{Personal Data Export for tester at test.com:}"
 }}}


 See it in action here https://3v4l.org/bpmqG.

 Notice:
 - The invalid JSON (as there's no value after the colon `:`
 - No error, warning, or notice is generated for PHP 5.6 to 8.0.3. This
 makes it difficult to debug as no information is provided as to why the
 JSON is invalid

 == Expected Behavior

 Either:

 - Generate an error via `wp_send_json_error` to alert of the problem and
 bail out of  generating the file
 - Or generate valid JSON in the file, e.g. `'"false"`, with a
 `_doing_it_wrong` or notice in the error log

 == What causes JSON encoding to fail?

 Found this issue when working on PHPStan type mismatches for when `false`
 passed to `fwrite`. [https://www.php.net/manual/en/function.fwrite.php
 `fwrite`] expects a string as it's 2nd argument. This can happen when/if
 `wp_json_encode` returns `false` (i.e. JSON encoding fails).

 `json_encode` returns `false` when:

 - attempting to encode a non-UTF-8 string
 WordPress automatically remedies the encoding with `_wp_json_sanity_check`
 where it converts string(s) to UTF-8.

 - a resource is given
 A resource could exist an element of the groups when the post meta data is
 filtered. Using
 [https://gist.github.com/hellofromtonya/5f8fc3cfb8c51e448d01d8c72d0d291c
 this test script] reproduces the failed JSON encoding and invalid JSON
 report.

 == How to Reproduce

 1. Add
 [https://gist.github.com/hellofromtonya/5f8fc3cfb8c51e448d01d8c72d0d291c
 this script] as a must-use file
 2. Go to "Tools" > "Export Personal Data" and add a test user in the
 "Username or email address" field to generate a request.
 3. Hover over the email and click on "Download personal data"
 4. Then unzip the downloaded zip file
 5. Open `export.json` and notice no value exists in the JSON. For example,
 if the user's email is `tester at test.com`, the `export.json` file would
 contain:
 {{{
 "{Personal Data Export for tester at test.com:}"
 }}}

 == Additional Info

 It is a type mismatch with `fwrite`, as a string is expected for the 2nd
 argument. Fixing this problem guards against future PHP type strictness.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/52892>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list