Skip to content

Hotfix/revert script link container due to double escaping issues#338

Merged
gin0115 merged 3 commits into
trunkfrom
hotfix/revert-script-link-container-due-to-double-escaping-issues
May 7, 2026
Merged

Hotfix/revert script link container due to double escaping issues#338
gin0115 merged 3 commits into
trunkfrom
hotfix/revert-script-link-container-due-to-double-escaping-issues

Conversation

@gin0115

@gin0115 gin0115 commented May 7, 2026

Copy link
Copy Markdown
Collaborator

…ver eger themse that re apply wp kses to rendered post content

Changes proposed in this Pull Request

This pull request updates the plugin to version 1.4.1 and addresses a critical compatibility issue where link metadata was being exposed as visible text on some themes, especially when content was wrapped with wp_kses_post. The fix involves changing how link data is embedded in post content, ensuring it is robust against multiple passes of content sanitization and remains hidden from users and the accessibility tree. Comprehensive tests are added to verify the new approach and cover edge cases.

Bug fix: Compatibility with content sanitization and themes

  • Changed link metadata output from a <script> tag with raw JSON to a hidden <span> element with a data-iawmlf-links attribute, using all JSON_HEX_* flags for encoding. This ensures the data survives multiple passes of wp_kses_post and does not leak as visible text. The <span> is appended after the block content to avoid interfering with CSS rules. (src/WP_Post/WP_Post_Controller.php)
  • Updated the plugin changelog and documentation to describe the fix for link data leaking as visible text on category and archive templates. (readme.txt)

Testing improvements

  • Added and updated tests to ensure the new <span> approach works as intended, including extraction helpers, checks for the presence and correct placement of the span, survival through multiple wp_kses_post passes, and round-tripping of special characters in URLs. (tests/WP_Post/Test_WP_Post_Controller.php) [1] [2] [3]

Version bump

  • Updated the version number to 1.4.1 in all relevant files: internet-archive-wayback-machine-link-fixer.php, package.json, and readme.txt. [1] [2] [3] [4] [5]

Testing instructions

Mentions #

Summary by CodeRabbit

Release Notes - v1.4.1

  • Bug Fixes
    • Resolved an issue where link metadata was displaying as visible escaped text on archive and category pages when themes apply content filtering. Link data is now properly hidden from end-users while the plugin continues to function seamlessly across all page templates.

@coderabbitai

coderabbitai Bot commented May 7, 2026

Copy link
Copy Markdown

Review Change Stack
No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 942e1197-8fe6-4c55-908f-7558dbd1c6df

📥 Commits

Reviewing files that changed from the base of the PR and between ceb2f43 and 4da69bd.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (6)
  • assets/js/src/front_link_checker.js
  • internet-archive-wayback-machine-link-fixer.php
  • package.json
  • readme.txt
  • src/WP_Post/WP_Post_Controller.php
  • tests/WP_Post/Test_WP_Post_Controller.php

Walkthrough

This PR migrates the plugin's link metadata storage mechanism from JSON script tags to hidden span elements with data attributes. The backend change renders link data as a span with a data-iawmlf-links attribute using enhanced JSON encoding flags, appended after block content. The frontend JavaScript parser is updated to extract JSON from the data attribute via DOM querying and try/catch error handling. Comprehensive test coverage includes new helpers for span data extraction, refactored assertions for existing tests, and new test cases verifying output format, positioning, DOM parsing, and robustness through multiple WordPress sanitization filter passes. Version is bumped to 1.4.1 and documented in plugin metadata and readme changelog.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The pull request title 'Hotfix/revert script link container due to double escaping issues' directly matches the main change: reverting from a script tag to a span element to fix double escaping problems that exposed link metadata as visible text.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

  • Generate code and open pull requests
  • Plan features and break down work
  • Investigate incidents and troubleshoot customer tickets together
  • Automate recurring tasks and respond to alerts with triggers
  • Summarize progress and report instantly

Built for teams:

  • Shared memory across your entire org—no repeating context
  • Per-thread sandboxes to safely plan and execute work
  • Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started


Comment @coderabbitai help to get the list of available commands and usage tips.

@gin0115 gin0115 merged commit b08e81e into trunk May 7, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant