Skip to content

Rich text: fix format deregistration #31518

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ellatrix merged 13 commits into from
Jul 13, 2021
Merged

Rich text: fix format deregistration #31518

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
3de7ac6
Rich text: disable some attributes
ellatrix May 5, 2021
85a6a40
Check uppercase
ellatrix May 5, 2021
f81705f
Fix transform matcher
ellatrix May 6, 2021
c99ea41
Use unstable export
ellatrix May 6, 2021
a907d57
Add basic tests
ellatrix May 6, 2021
c641674
Fix invalid block HTML
ellatrix May 10, 2021
1ed5d00
Add test
ellatrix May 10, 2021
255d607
Add script e2e test
ellatrix May 10, 2021
5965cf4
Add unit tests
ellatrix May 10, 2021
062a744
Fix for missing block
ellatrix May 10, 2021
92bf38d
Address feedback
ellatrix May 10, 2021
36bd0bb
Fix block compare
ellatrix May 18, 2021
03aaa77
Update snapshot
ellatrix Jul 13, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add basic tests
  • Loading branch information
@ellatrix
ellatrix committed Jul 13, 2021
commit a907d578287ad5d7de5a0f75c86b7766639585c5
10 changes: 8 additions & 2 deletions packages/block-library/src/buttons/transforms.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,10 @@ const transforms = {
{},
// Loop the selected buttons
buttons.map( ( attributes ) => {
const element = createElement( attributes.content );
const element = createElement(
document,
attributes.content
);
// Remove any HTML tags
const text = element.innerText || '';
// Get first url
Expand All @@ -53,7 +56,10 @@ const transforms = {
),
isMatch: ( paragraphs ) => {
return paragraphs.every( ( attributes ) => {
const element = createElement( attributes.content );
const element = createElement(
document,
attributes.content
);
const text = element.innerText || '';
const links = element.querySelectorAll( 'a' );
return text.length <= 30 && links.length <= 1;
Expand Down
6 changes: 4 additions & 2 deletions packages/rich-text/src/create.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -397,7 +397,7 @@ function createFromElement( {
}

if ( type === 'script' ) {
mergePair( accumulator, {
const value = {
formats: [ , ],
replacements: [
{
Expand All @@ -410,7 +410,9 @@ function createFromElement( {
},
],
text: OBJECT_REPLACEMENT_CHARACTER,
} );
};
accumulateSelection( accumulator, node, range, value );
mergePair( accumulator, value );
continue;
}

Expand Down
20 changes: 20 additions & 0 deletions packages/rich-text/src/test/__snapshots__/to-dom.js.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,26 @@ exports[`recordToDom should create an empty value from empty tags 1`] = `
</body>
`;

exports[`recordToDom should disarm on* attribute 1`] = `
<body>

<img
data-disable-rich-text-onerror="alert('1')"
/>

</body>
`;

exports[`recordToDom should disarm script 1`] = `
<body>

<script
data-rich-text-script="alert(%221%22)"
/>

</body>
`;

exports[`recordToDom should filter format boundary attributes 1`] = `
<body>
<strong
Expand Down
50 changes: 50 additions & 0 deletions packages/rich-text/src/test/helpers/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -677,6 +677,56 @@ export const spec = [
text: '12',
},
},
{
description: 'should disarm script',
html: '<script>alert("1")</script>',
createRange: ( element ) => ( {
startOffset: 0,
startContainer: element,
endOffset: 0,
endContainer: element,
} ),
startPath: [ 0, 0 ],
endPath: [ 0, 0 ],
record: {
start: 0,
end: 0,
formats: [ , ],
replacements: [
{
attributes: { 'data-rich-text-script': 'alert(%221%22)' },
type: 'script',
},
],
text: '\ufffc',
},
},
{
description: 'should disarm on* attribute',
html: '<img onerror="alert(\'1\')">',
createRange: ( element ) => ( {
startOffset: 0,
startContainer: element,
endOffset: 0,
endContainer: element,
} ),
startPath: [ 0, 0 ],
endPath: [ 0, 0 ],
record: {
start: 0,
end: 0,
formats: [ , ],
replacements: [
{
attributes: {
'data-disable-rich-text-onerror': "alert('1')",
},
type: 'img',
},
],
text: '\ufffc',
},
},
];

export const specWithRegistration = [
Expand Down