Opened 8 years ago
Closed 6 years ago
#2622 closed defect (bug) (fixed)
Plugin Directory: Markdown code not being honored
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Plugin Directory v3 - Future | Priority: | normal |
| Component: | Plugin Directory | Keywords: | |
| Cc: |
Description
In https://plugins.svn.wordpress.org/easy-widget-columns/trunk/README.txt there's a section for "Does the plugin add any HTML markup in the front-end?"
which has this:
<div id="widget-row-{number}" class="widget-row"><div class="wrap">[my widgets...]</div></div>
That's being scrubbed in https://wordpress.org/plugins/easy-widget-columns/#faq to just [my widgets]
My guess is that the markdown parser is a little too aggro! :D
Change History (8)
#2
@
8 years ago
For reference, here's some code which should work (but isn't right now):
$text = '<pre><code><div id="widget-row-{number}" class="widget-row">
<div class="wrap">
[my widgets...]
</div>
</div>
</code></pre>';
$allowed = array(
'a' => array(
'href' => true,
'title' => true,
'rel' => true,
),
'blockquote' => array(
'cite' => true
),
'br' => true, 'p' => true,
'code' => true, 'pre' => true,
'em' => true, 'strong' => true,
'ul' => true, 'ol' => true,
'dl' => true, 'dt' => true, 'dd' => true,
'li' => true, 'h3' => true, 'h4' => true,
);
$text = wp_kses( $text, $allowed );
var_dump( $text );
#3
@
8 years ago
- Keywords needs-patch removed
I've applied a fix for this in r13013-dotorg
I've re-imported the affected plugin here, but will need to run a re-import for any other plugin affected. cd ../wp-content/plugin-directory/; php bin/import-plugin.php $plugin_name for those with access.
Unfortunately finding affected plugins may be hard, as the content has been stripped from the DB.. Searching for either </div or <code> is probably the best option.
I'm not going to follow that up right this instant, as I believe there'll be a bunch of other readme parser bugs which may need a full reindex for anyway.
#4
@
8 years ago
That's okay, I can run the import on an as reported to us basis. Thanks for letting me know the commands needed. I was wondering about that.
This ticket was mentioned in Slack in #meta by tellyworth. View the logs.
8 years ago
#6
@
8 years ago
Unfortunately finding affected plugins may be hard, as the content has been stripped from the DB.. Searching for either
</divor<code>is probably the best option.
I ran a search ( ag -t '<code>' -G 'readme.txt' and ag -t '</div' -G 'readme.txt' ) and got this list of the 926 most likely impacted plugins:
Matches Plugin Active installs
======= ====== ===============
1 1-jquery-photo-gallery-slideshow-flash 1,000+
3 30suns-service-health-dashboard 10+
4 3d-viewer-configurator 60+
1 7k-image-uploader-meta-box 10+
1 99-doanloandmangager 0+
1 99-facebox-download 40+
1 a-fresher-cache 100+
1 a11y-speech-synthesis 0+
1 a3-lazy-load 10,000+
6 a3-portfolio 600+
1 a3-responsive-slider 1,000+
1 ab-google-map-travel 600+
7 ab-simple-feeds 40+
3 abooze-slideshow 100+
1 accarousel 0+
1 acf-multisite-sync 100+
7 acf-wysiwyg-styling 100+
2 add-actions-and-filters 3,000+
12 add-custom-fields-to-media 300+
10 add-local-avatar 10,000+
2 add-to-circle-widget 100+
1 addfunc-wysiwyg-helper 900+
1 adjustly-collapse 800+
5 adjustly-nextpage 900+
3 admin-page-framework 500+
14 administrative-shortcodes 70+
7 advanced-facebook-twitter-widget 500+
1 advanced-sidebar-menu 20,000+
3 agenda-running 10+
1 aiirs-artificial-intelligence-image-resizer 20+
1 ajax-comments 1,000+
1 ajax-file-upload 400+
2 alan-partridge-random-quote 0+
16 album-and-image-gallery-plus-lightbox 3,000+
1 alc 500+
1 ald-openbrwindow 100+
2 ald-transpose-email 1,000+
1 amazing-team-member-carousel 200+
2 ams-single-post-template-selector 100+
11 animation-menus-highlight 20+
2 annonces 60+
7 antispambot 300+
1 apermo-adminbar 20+
1 approval-workflow 3,000+
2 aprils-call-posts 100+
2 aprils-facebook-like-button 300+
3 arabic-font 1,000+
11 article-gallery-slider 80+
1 async-javascript-optimizer 200+
1 attachment-pages-redirect 10,000+
5 attachments 30,000+
5 author-avatars 9,000+
1 authorcomments 10+
1 auto-attachments 200+
4 auto-copyright-1 300+
1 auto-files 300+
2 auto-hyperlink-urls 9,000+
2 auto-trash-delete 60+
1 automatic-domain-changer 10,000+
26 avatar-coquette 60+
3 b26-slider 0+
1 ball-by-ball-cricket-live-score-widget-with-shortcode 40+
11 banner-display-thumbnail 20+
11 banner-hover-list 10+
11 banner-info-effect 30+
11 banner-introduction-slider 100+
1 bbpress-code-snippets 70+
1 bbpress-notify-nospam 3,000+
1 bbpress-post-toolbar 700+
11 best-images-slider 30+
4 bet-on-sports 100+
1 better-noindex 0+
5 better-random-redirect 2,000+
1 better-search 8,000+
2 better-widgets-pack 400+
1 better-wordpress-recaptcha-for-cloudflare-sites 100+
1 better-wordpress-syntax-based-on-geshi 400+
3 betterantispam 20+
1 bknewsticker 1,000+
6 blitzcrank 0+
1 blockq 0+
9 blog-designer-for-post-and-widget 2,000+
1 blogroll-in-posts 100+
2 bookmeforphotographers-widget 0+
2 bootstrap-modals 3,000+
1 branded-plugins-branded-admin 200+
1 broken-link-checker 500,000+
29 bubble-seo 1,000+
1 buddypress-easy-albums-photos-video-and-music 200+
1 buddypress-easy-albums-photos-video-and-music-next-gen 400+
1 bulletproof-security 100,000+
1 bunnys-language-linker 10+
16 buttons-with-style 500+
2 buzz-roll 0+
1 callmeback 20+
1 cameroid-photos-online 0+
2 campus-directory 50+
2 car-loan-application-and-calculator-module 80+
3 cars-seller-auto-classifieds-script 500+
2 categories-page 300+
1 category-page-extender 300+
2 category-page-icons 4,000+
4 cdnvote 20+
2 centre-images 0+
1 cfs-cf7 60+
1 child-theme-configurator 100,000+
1 clean-image-filenames 10,000+
1 clearboth 70+
1 client-status 70+
1 climate-change-glossary 0+
6 cm-css-columns 20+
1 cmb-field-type-sorter 20+
3 cmp-coming-soon-maintenance 40+
5 code-highlighter 300+
4 code-prettify 2,000+
3 codeblocks-extended 10+
3 codecolorer 4,000+
2 codeformatter 0+
2 colorcode 10+
2 combo-slideshow 300+
1 comment-inbox 20+
1 comment-mail 500+
1 comment-signature 60+
2 com
WordPress.org: Please note that this content has been truncated for display.
Now all that done. We may just want to re-import everyone's readme anyway because of the whole faq/install directions mishegas.
#8
@
6 years ago
- Keywords 2nd-opinion removed
- Resolution set to fixed
- Status changed from new to closed
Two years later, I think we can call this fixed.
Any plugins who are still affected would've been fixed upon reimport/update, and if any complain in the future we can do a once-off import for them.
I've tracked this down to a
wp_kses()related filter on WordPress.org - The parser and markdown is fine, it's just being warped by this rogue filter.