diff --git a/Gruntfile.js b/Gruntfile.js index 815ccce3af535..2ce79d03bddc6 100644 --- a/Gruntfile.js +++ b/Gruntfile.js @@ -2154,6 +2154,14 @@ module.exports = function(grunt) { ]; } ) ) ); + + grunt.log.writeln( + 'Found ' + routeNames.length + ' route' + ( routeNames.length === 1 ? '' : 's' ) + + ' registered in ' + registryPath + ':' + ); + routeNames.forEach( function( name ) { + grunt.log.writeln( ' - ' + name ); + } ); } ); grunt.registerTask( 'build:gutenberg', [ diff --git a/src/wp-includes/html-api/class-wp-html-processor.php b/src/wp-includes/html-api/class-wp-html-processor.php index 967d616129647..1828123ff879d 100644 --- a/src/wp-includes/html-api/class-wp-html-processor.php +++ b/src/wp-includes/html-api/class-wp-html-processor.php @@ -1505,6 +1505,7 @@ public function serialize_token(): string { case 'SCRIPT': case 'STYLE': + case 'XMP': break; default: diff --git a/src/wp-includes/html-api/class-wp-html-tag-processor.php b/src/wp-includes/html-api/class-wp-html-tag-processor.php index fe8a20c1ea4ee..e41e1120550b5 100644 --- a/src/wp-includes/html-api/class-wp-html-tag-processor.php +++ b/src/wp-includes/html-api/class-wp-html-tag-processor.php @@ -1619,7 +1619,6 @@ private function skip_script_data(): bool { ( 'p' === $html[ $at + 4 ] || 'P' === $html[ $at + 4 ] ) && ( 't' === $html[ $at + 5 ] || 'T' === $html[ $at + 5 ] ) ) ) { - ++$at; continue; } diff --git a/tests/phpunit/tests/html-api/wpHtmlProcessor-serialize.php b/tests/phpunit/tests/html-api/wpHtmlProcessor-serialize.php index 5afe37a010a41..1ade7349a1398 100644 --- a/tests/phpunit/tests/html-api/wpHtmlProcessor-serialize.php +++ b/tests/phpunit/tests/html-api/wpHtmlProcessor-serialize.php @@ -257,6 +257,19 @@ public function test_style_contents_are_not_escaped() { ); } + /** + * Ensures that XMP contents are not escaped, as they are not parsed like text nodes are. + * + * @ticket 62036 + */ + public function test_xmp_contents_are_not_escaped() { + $this->assertSame( + WP_HTML_Processor::normalize( "apples > or\x00anges & pears < plums" ), + "apples > or\u{FFFD}anges & pears < plums", + 'Should have preserved text inside an XMP element, except for replacing NULL bytes.' + ); + } + public function test_unexpected_closing_tags_are_removed() { $this->assertSame( WP_HTML_Processor::normalize( 'onetwothree' ), @@ -616,6 +629,7 @@ public static function data_provider_normalized_fuzzer_cases_that_should_be_idem 'FORM with SVG TITLE text edge' => array( "
" ), 'FORM with TABLE and SCRIPT' => array( '
' ), 'FORM with TABLE CAPTION' => array( '
' ), + 'XMP rawtext with entity-looking text' => array( 'apples > oranges &amp; <' ), 'Short malformed G attribute C' => array( '' ), 'Short malformed G attribute S' => array( '' ), 'Duplicate SRC boundary' => array( '' ), diff --git a/tests/phpunit/tests/html-api/wpHtmlTagProcessor.php b/tests/phpunit/tests/html-api/wpHtmlTagProcessor.php index a066543d8e11f..fd73ddc43a4ba 100644 --- a/tests/phpunit/tests/html-api/wpHtmlTagProcessor.php +++ b/tests/phpunit/tests/html-api/wpHtmlTagProcessor.php @@ -2116,6 +2116,8 @@ public static function data_script_tag(): Generator { yield 'Script tag with close' => array( "', true ); + yield 'Script text less-than' => array( '', true ); + yield 'Script text less-than solidus' => array( '', true ); yield 'Script data escaped' => array( '', true ); yield 'Script data double-escaped exit (comment)' => array( '', true ); yield 'Script data double-escaped exit (closed ">")' => array( '', true );