Merge pull request #1849 from SohamPatel46/add/iframe-for-raw-response

Use `IFRAME` to display HTML responses for REST API storage request failures in Site Health test

Author: westonruter

plugins/optimization-detective/site-health.php

@@ -127,6 +127,10 @@ function od_compose_site_health_result( $response ): array {
 		$message = wp_remote_retrieve_response_message( $response );
 		$body    = wp_remote_retrieve_body( $response );
 		$data    = json_decode( $body, true );
+		$header  = wp_remote_retrieve_header( $response, 'content-type' );
+		if ( is_array( $header ) ) {
+			$header = array_pop( $header );
+		}
 
 		$is_expected = (
 			400 === $code &&
@@ -156,7 +160,18 @@ function od_compose_site_health_result( $response ): array {
 				$result['description'] .= '<blockquote>' . esc_html( $data['message'] ) . '</blockquote>';
 			}
 
-			$result['description'] .= '<details><summary>' . esc_html__( 'Raw response:', 'optimization-detective' ) . '</summary><pre style="white-space: pre-wrap">' . esc_html( $body ) . '</pre></details>';
+			if ( '' !== $body ) {
+				$result['description'] .= '<details>';
+				$result['description'] .= '<summary>' . esc_html__( 'Raw response:', 'optimization-detective' ) . '</summary>';
+
+				if ( is_string( $header ) && str_contains( $header, 'html' ) ) {
+					$escaped_content        = htmlspecialchars( $body, ENT_QUOTES, 'UTF-8' );
+					$result['description'] .= '<iframe srcdoc="' . $escaped_content . '" sandbox width="100%" height="300"></iframe>';
+				} else {
+					$result['description'] .= '<pre style="white-space: pre-wrap">' . esc_html( $body ) . '</pre>';
+				}
+				$result['description'] .= '</details>';
+			}
 		}
 	}
 	return $result;
@@ -238,14 +253,24 @@ function od_maybe_render_rest_api_health_check_admin_notice( bool $in_plugin_row
 		$message = "<details>$message</details>";
 	}
 
-	wp_admin_notice(
+	$notice = wp_get_admin_notice(
 		$message,
 		array(
 			'type'               => 'warning',
 			'additional_classes' => $in_plugin_row ? array( 'inline', 'notice-alt' ) : array(),
 			'paragraph_wrap'     => false,
 		)
 	);
+
+	echo wp_kses(
+		$notice,
+		array_merge(
+			wp_kses_allowed_html( 'post' ),
+			array(
+				'iframe' => array_fill_keys( array( 'srcdoc', 'sandbox', 'width', 'height' ), true ),
+			)
+		)
+	);
 }
 
 /**

plugins/optimization-detective/tests/test-site-health.php

@@ -120,12 +120,33 @@ public function data_provider_test_rest_api_availability(): array {
 						'code'    => 403,
 						'message' => 'Forbidden',
 					),
+					'headers'  => array(
+						'content-type' => 'text/html',
+					),
 					'body'     => "<html>\n<head><title>403 Forbidden</title></head>\n<body>\n<center><h1>403 Forbidden</h1></center>\n<hr><center>nginx</center>\n</body>\n</html>",
 				),
 				'expected_option'      => '1',
 				'expected_status'      => 'recommended',
 				'expected_unavailable' => true,
 			),
+			'other_forbidden' => array(
+				'mocked_response'      => array(
+					'response' => array(
+						'code'    => 403,
+						'message' => 'Forbidden',
+					),
+					'headers'  => array(
+						'content-type' => array(
+							'text/html; charset=utf-8',
+							'application/xhtml+xml',
+						),
+					),
+					'body'     => '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don\'t have permission to access this resource.</p></body></html>',
+				),
+				'expected_option'      => '1',
+				'expected_status'      => 'recommended',
+				'expected_unavailable' => true,
+			),
 			'error'           => array(
 				'mocked_response'      => new WP_Error( 'bad', 'Something terrible has happened' ),
 				'expected_option'      => '1',
@@ -142,6 +163,8 @@ public function data_provider_test_rest_api_availability(): array {
 	 * @covers ::od_compose_site_health_result
 	 * @covers ::od_get_rest_api_health_check_response
 	 * @covers ::od_is_rest_api_unavailable
+	 * @covers ::od_render_rest_api_health_check_admin_notice_in_plugin_row
+	 * @covers ::od_maybe_render_rest_api_health_check_admin_notice
 	 *
 	 * @dataProvider data_provider_test_rest_api_availability
 	 *
@@ -151,6 +174,24 @@ public function test_rest_api_availability( $mocked_response, string $expected_o
 		$this->filter_rest_api_response( $mocked_response );
 
 		$result = od_test_rest_api_availability();
+		$notice = get_echo( 'od_render_rest_api_health_check_admin_notice_in_plugin_row', array( 'optimization-detective/load.php' ) );
+		if ( $expected_unavailable ) {
+			$this->assertStringContainsString( '<code>', $notice );
+			if ( is_array( $mocked_response ) ) {
+				if ( isset( $mocked_response['headers']['content-type'] ) && str_contains( join( '', (array) $mocked_response['headers']['content-type'] ), 'html' ) ) {
+					$this->assertStringContainsString( '</iframe>', $notice );
+					$this->assertStringNotContainsString( '</pre>', $notice );
+				} else {
+					$this->assertStringContainsString( '</pre>', $notice );
+					$this->assertStringNotContainsString( '</iframe>', $notice );
+				}
+			} else {
+				$this->assertStringNotContainsString( '</iframe>', $notice );
+				$this->assertStringNotContainsString( '</pre>', $notice );
+			}
+		} else {
+			$this->assertSame( '', $notice );
+		}
 		$this->assertArrayHasKey( 'label', $result );
 		$this->assertArrayHasKey( 'status', $result );
 		$this->assertArrayHasKey( 'badge', $result );
@@ -392,7 +433,7 @@ static function ( $pre, array $args, string $url ) use ( $mocked_response, $obse
 	}
 
 	/**
-	 * Build a mock response.
+	 * Build a mock JSON response.
 	 *
 	 * @param int                  $status_code HTTP status code.
 	 * @param string               $message     HTTP status message.
@@ -406,6 +447,9 @@ protected function build_mock_response( int $status_code, string $message, array
 				'message' => $message,
 			),
 			'body'     => wp_json_encode( $body ),
+			'headers'  => array(
+				'content-type' => 'application/json',
+			),
 		);
 	}
 }