Making WordPress.org

Changeset 12094


Ignore:
Timestamp:
09/27/2022 01:33:48 AM (4 months ago)
Author:
dd32
Message:

Support Forums: Don't oEmbed WordPress.org URLs which include anchors in the URL.

Fixes #4346.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/support-forums/inc/class-hooks.php

    r11623 r12094  
    132132        add_filter( 'bbp_subscription_mail_message', array( $this, 'bbp_subscription_mail_message'), 5, 3 );
    133133
     134        // Don't embed WordPress.org links with anchors included.
     135        add_filter( 'pre_oembed_result', array( $this, 'pre_oembed_result_dont_embed_wordpress_org_anchors' ), 20, 2 );
     136
     137        // Break users sessions / passwords when they get blocked, on the main forums only.
    134138        if ( 'wordpress.org' === get_blog_details()->domain ) {
    135             // Break users sessions / passwords when they get blocked, on the main forums only.
    136139            add_action( 'bbp_set_user_role', array( $this, 'user_blocked_password_handler' ), 10, 3 );
    137140        }
     
    13141317
    13151318    /**
     1319     * Don't embed WordPress.org links when anchors are included.
     1320     *
     1321     * NOTE: `$return` will have HTML when the link points to the current site, as WordPress uses
     1322     *       the same filter to preempt HTTP requests, ignoring any earlier filtered results.
     1323     *
     1324     * TODO: It may be better wanted to inject the actual hash into the oEmbed iframe instead of
     1325     *       disabling this rich embed entirely.
     1326     *
     1327     * @see https://meta.trac.wordpress.org/ticket/4346
     1328     */
     1329    public function pre_oembed_result_dont_embed_wordpress_org_anchors( $return, $url ) {
     1330        // Match WordPress.org + Subdomains which includes a Hash character in the URL.
     1331        if ( preg_match( '!^https?://([^/]+[.])?wordpress[.]org/.*#!i', $url ) ) {
     1332            $return = false;
     1333        }
     1334
     1335        return $return;
     1336    }
     1337
     1338    /**
    13161339     * Catch a user being blocked / unblocked and set their password appropriately.
    13171340     *
Note: See TracChangeset for help on using the changeset viewer.