Opened 8 years ago
Closed 6 years ago
#2622 closed defect (bug) (fixed)
Plugin Directory: Markdown code not being honored
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Plugin Directory v3 - Future | Priority: | normal |
Component: | Plugin Directory | Keywords: | |
Cc: |
Description
In https://plugins.svn.wordpress.org/easy-widget-columns/trunk/README.txt there's a section for "Does the plugin add any HTML markup in the front-end?"
which has this:
<div id="widget-row-{number}" class="widget-row"><div class="wrap">[my widgets...]</div></div>
That's being scrubbed in https://wordpress.org/plugins/easy-widget-columns/#faq to just [my widgets]
My guess is that the markdown parser is a little too aggro! :D
Change History (8)
#2
@
8 years ago
For reference, here's some code which should work (but isn't right now):
$text = '<pre><code><div id="widget-row-{number}" class="widget-row"> <div class="wrap"> [my widgets...] </div> </div> </code></pre>'; $allowed = array( 'a' => array( 'href' => true, 'title' => true, 'rel' => true, ), 'blockquote' => array( 'cite' => true ), 'br' => true, 'p' => true, 'code' => true, 'pre' => true, 'em' => true, 'strong' => true, 'ul' => true, 'ol' => true, 'dl' => true, 'dt' => true, 'dd' => true, 'li' => true, 'h3' => true, 'h4' => true, ); $text = wp_kses( $text, $allowed ); var_dump( $text );
#3
@
8 years ago
- Keywords needs-patch removed
I've applied a fix for this in r13013-dotorg
I've re-imported the affected plugin here, but will need to run a re-import for any other plugin affected. cd ../wp-content/plugin-directory/; php bin/import-plugin.php $plugin_name
for those with access.
Unfortunately finding affected plugins may be hard, as the content has been stripped from the DB.. Searching for either </div
or <code>
is probably the best option.
I'm not going to follow that up right this instant, as I believe there'll be a bunch of other readme parser bugs which may need a full reindex for anyway.
#4
@
8 years ago
That's okay, I can run the import on an as reported to us basis. Thanks for letting me know the commands needed. I was wondering about that.
This ticket was mentioned in Slack in #meta by tellyworth. View the logs.
8 years ago
#6
@
8 years ago
Unfortunately finding affected plugins may be hard, as the content has been stripped from the DB.. Searching for either
</div
or<code>
is probably the best option.
I ran a search ( ag -t '<code>' -G 'readme.txt'
and ag -t '</div' -G 'readme.txt'
) and got this list of the 926 most likely impacted plugins:
Matches Plugin Active installs ======= ====== =============== 1 1-jquery-photo-gallery-slideshow-flash 1,000+ 3 30suns-service-health-dashboard 10+ 4 3d-viewer-configurator 60+ 1 7k-image-uploader-meta-box 10+ 1 99-doanloandmangager 0+ 1 99-facebox-download 40+ 1 a-fresher-cache 100+ 1 a11y-speech-synthesis 0+ 1 a3-lazy-load 10,000+ 6 a3-portfolio 600+ 1 a3-responsive-slider 1,000+ 1 ab-google-map-travel 600+ 7 ab-simple-feeds 40+ 3 abooze-slideshow 100+ 1 accarousel 0+ 1 acf-multisite-sync 100+ 7 acf-wysiwyg-styling 100+ 2 add-actions-and-filters 3,000+ 12 add-custom-fields-to-media 300+ 10 add-local-avatar 10,000+ 2 add-to-circle-widget 100+ 1 addfunc-wysiwyg-helper 900+ 1 adjustly-collapse 800+ 5 adjustly-nextpage 900+ 3 admin-page-framework 500+ 14 administrative-shortcodes 70+ 7 advanced-facebook-twitter-widget 500+ 1 advanced-sidebar-menu 20,000+ 3 agenda-running 10+ 1 aiirs-artificial-intelligence-image-resizer 20+ 1 ajax-comments 1,000+ 1 ajax-file-upload 400+ 2 alan-partridge-random-quote 0+ 16 album-and-image-gallery-plus-lightbox 3,000+ 1 alc 500+ 1 ald-openbrwindow 100+ 2 ald-transpose-email 1,000+ 1 amazing-team-member-carousel 200+ 2 ams-single-post-template-selector 100+ 11 animation-menus-highlight 20+ 2 annonces 60+ 7 antispambot 300+ 1 apermo-adminbar 20+ 1 approval-workflow 3,000+ 2 aprils-call-posts 100+ 2 aprils-facebook-like-button 300+ 3 arabic-font 1,000+ 11 article-gallery-slider 80+ 1 async-javascript-optimizer 200+ 1 attachment-pages-redirect 10,000+ 5 attachments 30,000+ 5 author-avatars 9,000+ 1 authorcomments 10+ 1 auto-attachments 200+ 4 auto-copyright-1 300+ 1 auto-files 300+ 2 auto-hyperlink-urls 9,000+ 2 auto-trash-delete 60+ 1 automatic-domain-changer 10,000+ 26 avatar-coquette 60+ 3 b26-slider 0+ 1 ball-by-ball-cricket-live-score-widget-with-shortcode 40+ 11 banner-display-thumbnail 20+ 11 banner-hover-list 10+ 11 banner-info-effect 30+ 11 banner-introduction-slider 100+ 1 bbpress-code-snippets 70+ 1 bbpress-notify-nospam 3,000+ 1 bbpress-post-toolbar 700+ 11 best-images-slider 30+ 4 bet-on-sports 100+ 1 better-noindex 0+ 5 better-random-redirect 2,000+ 1 better-search 8,000+ 2 better-widgets-pack 400+ 1 better-wordpress-recaptcha-for-cloudflare-sites 100+ 1 better-wordpress-syntax-based-on-geshi 400+ 3 betterantispam 20+ 1 bknewsticker 1,000+ 6 blitzcrank 0+ 1 blockq 0+ 9 blog-designer-for-post-and-widget 2,000+ 1 blogroll-in-posts 100+ 2 bookmeforphotographers-widget 0+ 2 bootstrap-modals 3,000+ 1 branded-plugins-branded-admin 200+ 1 broken-link-checker 500,000+ 29 bubble-seo 1,000+ 1 buddypress-easy-albums-photos-video-and-music 200+ 1 buddypress-easy-albums-photos-video-and-music-next-gen 400+ 1 bulletproof-security 100,000+ 1 bunnys-language-linker 10+ 16 buttons-with-style 500+ 2 buzz-roll 0+ 1 callmeback 20+ 1 cameroid-photos-online 0+ 2 campus-directory 50+ 2 car-loan-application-and-calculator-module 80+ 3 cars-seller-auto-classifieds-script 500+ 2 categories-page 300+ 1 category-page-extender 300+ 2 category-page-icons 4,000+ 4 cdnvote 20+ 2 centre-images 0+ 1 cfs-cf7 60+ 1 child-theme-configurator 100,000+ 1 clean-image-filenames 10,000+ 1 clearboth 70+ 1 client-status 70+ 1 climate-change-glossary 0+ 6 cm-css-columns 20+ 1 cmb-field-type-sorter 20+ 3 cmp-coming-soon-maintenance 40+ 5 code-highlighter 300+ 4 code-prettify 2,000+ 3 codeblocks-extended 10+ 3 codecolorer 4,000+ 2 codeformatter 0+ 2 colorcode 10+ 2 combo-slideshow 300+ 1 comment-inbox 20+ 1 comment-mail 500+ 1 comment-signature 60+ 2 com WordPress.org: Please note that this content has been truncated for display.
Now all that done. We may just want to re-import everyone's readme anyway because of the whole faq/install directions mishegas.
#8
@
6 years ago
- Keywords 2nd-opinion removed
- Resolution set to fixed
- Status changed from new to closed
Two years later, I think we can call this fixed.
Any plugins who are still affected would've been fixed upon reimport/update, and if any complain in the future we can do a once-off import for them.
I've tracked this down to a
wp_kses()
related filter on WordPress.org - The parser and markdown is fine, it's just being warped by this rogue filter.