From c834d207622ea632d1df8d3e327da8629263e83f Mon Sep 17 00:00:00 2001 From: dmsnell Date: Thu, 8 Aug 2024 17:04:19 +0000 Subject: [PATCH] HTML API: Test and fix SVG script handling. When support was added for foreign content, an ambiguity in the HTML specification led to code that followed the wrong path when encountering a self-closing SCRIPT element in the SVG namespace. Further, a fallthrough was discovered during manual testing. This patch adds a new test to assert the proper behaviors and fixes these issues. In the case of the SCRIPT element, the outcome was the same with the wrong code path, making the defect benign. In the case of the fallthrough, the wrong behavior would occur. The updates in this patch also resolves a todo relating to the spec ambiguity. Developed in https://github.com/wordpress/wordpress-develop/pull/7164 Discussed in https://core.trac.wordpress.org/ticket/61576 Follow-up to [58868]. Props: dmsnell, jonsurrell. See #61576. Built from https://develop.svn.wordpress.org/trunk@58871 git-svn-id: http://core.svn.wordpress.org/trunk@58267 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- .../html-api/class-wp-html-processor.php | 29 ++++++++++--------- wp-includes/version.php | 2 +- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/wp-includes/html-api/class-wp-html-processor.php b/wp-includes/html-api/class-wp-html-processor.php index 415ff23eea..2bb6302c99 100644 --- a/wp-includes/html-api/class-wp-html-processor.php +++ b/wp-includes/html-api/class-wp-html-processor.php @@ -4239,21 +4239,22 @@ class WP_HTML_Processor extends WP_HTML_Tag_Processor { /* * > If the token has its self-closing flag set, then run * > the appropriate steps from the following list: + * > + * > ↪ the token's tag name is "script", and the new current node is in the SVG namespace + * > Acknowledge the token's self-closing flag, and then act as + * > described in the steps for a "script" end tag below. + * > + * > ↪ Otherwise + * > Pop the current node off the stack of open elements and + * > acknowledge the token's self-closing flag. + * + * Since the rules for SCRIPT below indicate to pop the element off of the stack of + * open elements, which is the same for the Otherwise condition, there's no need to + * separate these checks. The difference comes when a parser operates with the scripting + * flag enabled, and executes the script, which this parser does not support. */ if ( $this->state->current_token->has_self_closing_flag ) { - if ( 'SCRIPT' === $this->state->current_token->node_name && 'svg' === $this->state->current_token->namespace ) { - /* - * > Acknowledge the token's self-closing flag, and then act as - * > described in the steps for a "script" end tag below. - * - * @todo Verify that this shouldn't be handled by the rule for - * "An end tag whose name is 'script', if the current node - * is an SVG script element." - */ - goto in_foreign_content_any_other_end_tag; - } else { - $this->state->stack_of_open_elements->pop(); - } + $this->state->stack_of_open_elements->pop(); } return true; } @@ -4263,13 +4264,13 @@ class WP_HTML_Processor extends WP_HTML_Tag_Processor { */ if ( $this->is_tag_closer() && 'SCRIPT' === $this->state->current_token->node_name && 'svg' === $this->state->current_token->namespace ) { $this->state->stack_of_open_elements->pop(); + return true; } /* * > Any other end tag */ if ( $this->is_tag_closer() ) { - in_foreign_content_any_other_end_tag: $node = $this->state->stack_of_open_elements->current_node(); if ( $tag_name !== $node->node_name ) { // @todo Indicate a parse error once it's possible. diff --git a/wp-includes/version.php b/wp-includes/version.php index 2abc0eddf3..d93724149e 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.7-alpha-58870'; +$wp_version = '6.7-alpha-58871'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.