diff --git a/src/wp-includes/kses.php b/src/wp-includes/kses.php index 2ee8aee5a0..b77d501333 100644 --- a/src/wp-includes/kses.php +++ b/src/wp-includes/kses.php @@ -459,7 +459,7 @@ if ( ! CUSTOM_TAGS ) { ); /** - * @var string[] $allowedentitynames Array of KSES allowed HTML entitity names. + * @var string[] $allowedentitynames Array of KSES allowed HTML entity names. * @since 1.0.0 */ $allowedentitynames = array( @@ -719,10 +719,10 @@ if ( ! CUSTOM_TAGS ) { ); /** - * @var string[] $allowedxmlentitynames Array of KSES allowed XML entitity names. + * @var string[] $allowedxmlentitynames Array of KSES allowed XML entity names. * @since 5.5.0 */ - $allowedxmlnamedentities = array( + $allowedxmlentitynames = array( 'amp', 'lt', 'gt', @@ -1906,7 +1906,7 @@ function wp_kses_named_entities( $matches ) { * @return string Correctly encoded entity. */ function wp_kses_xml_named_entities( $matches ) { - global $allowedentitynames, $allowedxmlnamedentities; + global $allowedentitynames, $allowedxmlentitynames; if ( empty( $matches[1] ) ) { return ''; @@ -1914,7 +1914,7 @@ function wp_kses_xml_named_entities( $matches ) { $i = $matches[1]; - if ( in_array( $i, $allowedxmlnamedentities, true ) ) { + if ( in_array( $i, $allowedxmlentitynames, true ) ) { return "&$i;"; } elseif ( in_array( $i, $allowedentitynames, true ) ) { return html_entity_decode( "&$i;", ENT_HTML5 ); diff --git a/tests/phpunit/tests/kses.php b/tests/phpunit/tests/kses.php index 7f5bb646d1..481e01f23b 100644 --- a/tests/phpunit/tests/kses.php +++ b/tests/phpunit/tests/kses.php @@ -1790,4 +1790,110 @@ HTML; return $return_data; } + + /** + * Test that XML named entities are encoded correctly. + * + * @dataProvider data_wp_kses_xml_named_entities + * + * @ticket 54060 + * @covers ::wp_kses_xml_named_entities + * + * @param array $input The input to wp_kses_xml_named_entities(). + * @param string $expected The expected output. + */ + public function test_wp_kses_xml_named_entities( $input, $expected ) { + $this->assertSame( $expected, wp_kses_xml_named_entities( $input ) ); + } + + /** + * Data provider for test_wp_kses_xml_named_entities(). + * + * @return array Nested array of input, expected pairs. + */ + public function data_wp_kses_xml_named_entities() { + return array( + // Empty string value testing. + 'empty string' => array( + 'input' => '', + 'expected' => '', + ), + + // Empty string array value testing. + 'empty string array' => array( + 'input' => array( '', '' ), + 'expected' => '', + ), + + // $allowedxmlentitynames values testing. + 'amp' => array( + 'input' => array( '', 'amp' ), + 'expected' => '&', + ), + 'lt' => array( + 'input' => array( '', 'lt' ), + 'expected' => '<', + ), + 'gt' => array( + 'input' => array( '', 'gt' ), + 'expected' => '>', + ), + + // $allowedentitynames values testing. + 'nbsp' => array( + 'input' => array( '', 'nbsp' ), + 'expected' => utf8_encode( chr( 160 ) ), + ), + 'iexcl' => array( + 'input' => array( '', 'iexcl' ), + 'expected' => '¡', + ), + 'cent' => array( + 'input' => array( '', 'cent' ), + 'expected' => '¢', + ), + + // Some other value testing. + 'test' => array( + 'input' => array( '', 'test' ), + 'expected' => '&test;', + ), + + ); + } + + /** + * Test that KSES globals are defined. + * + * @dataProvider data_kses_globals_are_defined + * + * @ticket 54060 + * + * @param string $global The name of the global variable. + */ + public function test_kses_globals_are_defined( $global ) { + $this->assertArrayHasKey( $global, $GLOBALS ); + } + + /** + * Data provider for test_kses_globals_are_defined(). + * + * @return array + */ + public function data_kses_globals_are_defined() { + return array( + 'allowedposttags' => array( + 'global' => 'allowedposttags', + ), + 'allowedtags' => array( + 'global' => 'allowedtags', + ), + 'allowedentitynames' => array( + 'global' => 'allowedentitynames', + ), + 'allowedxmlentitynames' => array( + 'global' => 'allowedxmlentitynames', + ), + ); + } }