Skip to content

Commit 47a6493

Browse files
obenlandobenland
committed
Process emoji after sanitization
1 parent ae8b5e6 commit 47a6493

File tree

2 files changed

+43
-21
lines changed

2 files changed

+43
-21
lines changed

includes/collection/class-interactions.php

Lines changed: 34 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -77,8 +77,22 @@ public static function update_comment( $activity ) {
7777
}
7878

7979
// Found a local comment id.
80-
$commentdata['comment_author'] = self::replace_custom_emoji( $meta['name'] ? $meta['name'] : $meta['preferredUsername'], $meta );
81-
$commentdata['comment_content'] = \addslashes( self::replace_custom_emoji( $activity['object']['content'], $activity['object'] ) );
80+
$commentdata['comment_author'] = \esc_attr( $meta['name'] ? $meta['name'] : $meta['preferredUsername'] );
81+
$commentdata['comment_content'] = \addslashes( $activity['object']['content'] );
82+
83+
add_filter(
84+
'pre_comment_author_name',
85+
function ( $comment_author ) use ( $meta ) {
86+
return self::replace_custom_emoji( $comment_author, $meta );
87+
}
88+
);
89+
add_filter(
90+
'pre_comment_content',
91+
function ( $comment_content ) use ( $activity ) {
92+
return self::replace_custom_emoji( $comment_content, $activity['object'] );
93+
},
94+
20
95+
);
8296

8397
return self::persist( $commentdata, self::UPDATE );
8498
}
@@ -209,22 +223,14 @@ public static function allowed_comment_html( $allowed_tags, $context = '' ) {
209223
}
210224

211225
// Add `p` and `br` to the list of allowed tags.
212-
if ( ! isset( $allowed_tags['br'] ) ) {
226+
if ( ! array_key_exists( 'br', $allowed_tags ) ) {
213227
$allowed_tags['br'] = array();
214228
}
215229

216-
if ( ! isset( $allowed_tags['p'] ) ) {
230+
if ( ! array_key_exists( 'p', $allowed_tags ) ) {
217231
$allowed_tags['p'] = array();
218232
}
219233

220-
if ( ! isset( $allowed_tags['img'] ) ) {
221-
$allowed_tags['img'] = array(
222-
'src' => array(),
223-
'alt' => array(),
224-
'class' => array(),
225-
);
226-
}
227-
228234
return $allowed_tags;
229235
}
230236

@@ -265,9 +271,9 @@ public static function activity_to_comment( $activity ) {
265271
}
266272

267273
$commentdata = array(
268-
'comment_author' => self::replace_custom_emoji( $comment_author, $actor ),
274+
'comment_author' => \esc_attr( $comment_author ),
269275
'comment_author_url' => \esc_url_raw( $url ),
270-
'comment_content' => self::replace_custom_emoji( $comment_content, $activity['object'] ),
276+
'comment_content' => $comment_content,
271277
'comment_type' => 'comment',
272278
'comment_author_email' => '',
273279
'comment_meta' => array(
@@ -284,6 +290,20 @@ public static function activity_to_comment( $activity ) {
284290
$commentdata['comment_meta']['source_url'] = \esc_url_raw( object_to_uri( $activity['object']['url'] ) );
285291
}
286292

293+
add_filter(
294+
'pre_comment_author_name',
295+
function ( $comment_author ) use ( $actor ) {
296+
return self::replace_custom_emoji( $comment_author, $actor );
297+
}
298+
);
299+
add_filter(
300+
'pre_comment_content',
301+
function ( $comment_content ) use ( $activity ) {
302+
return self::replace_custom_emoji( $comment_content, $activity['object'] );
303+
},
304+
20
305+
);
306+
287307
return $commentdata;
288308
}
289309

tests/includes/collection/class-test-interactions.php

Lines changed: 9 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -489,11 +489,12 @@ public function test_activity_to_comment_with_emoji() {
489489
'id' => 'https://example.com/activities/1',
490490
'type' => 'Note',
491491
'content' => 'Hello world :kappa: and :smile:',
492-
'actor' => $this->user_url,
492+
'actor' => self::$user_url,
493493
'object' => array(
494-
'id' => 'https://example.com/objects/1',
495-
'content' => 'Hello world :kappa: and :smile:',
496-
'tag' => array(
494+
'id' => 'https://example.com/objects/1',
495+
'content' => 'Hello world :kappa: and :smile:',
496+
'inReplyTo' => self::$post_permalink,
497+
'tag' => array(
497498
array(
498499
'type' => 'Emoji',
499500
'name' => ':kappa:',
@@ -516,15 +517,16 @@ public function test_activity_to_comment_with_emoji() {
516517
),
517518
);
518519

519-
$commentdata = Interactions::activity_to_comment( $activity );
520+
$comment_id = Interactions::add_comment( $activity );
521+
$comment = get_comment( $comment_id );
520522

521523
$this->assertStringContainsString(
522524
'<img src="https://example.com/files/kappa.png" alt=":kappa:" class="emoji" />',
523-
$commentdata['comment_content']
525+
$comment->comment_content
524526
);
525527
$this->assertStringContainsString(
526528
'<img src="https://example.com/files/smile.png" alt=":smile:" class="emoji" />',
527-
$commentdata['comment_content']
529+
$comment->comment_content
528530
);
529531
}
530532
}

0 commit comments

Comments
 (0)