i18n: Handle backslashes in localized template text#854
Conversation
| // If we modified any attributes, re-encode to JSON. | ||
| if ( $modified ) { | ||
| $new_attrs_json = wp_json_encode( $attrs, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES ); | ||
| $new_attrs_json = strtr( $new_attrs_json, $placeholders ); |
There was a problem hiding this comment.
This is an edge case, but this strstr replaces __CBT_LOCALIZED_ATTRIBUTE_ across the content. Instead we could save the placeholders in an array and only replace them. I've added a commit to do this.
|
I commited a change to add a block-attribute-specific localization path. It tokenises unsafe characters into The previous escaping handled PHP single-quoted strings, but localised block attributes also have to survive JSON encoding in serialised block markup. Values containing backslashes, quotes, carriage returns, new lines, tabs, or I also added tests to cover the injection payload, double quotes, control characters, percent placeholders, and JSON decode validity. |
MaggieCabrera
left a comment
MaggieCabrera
left a comment
There was a problem hiding this comment.
This is testing well for me but I can't approve, can you, @scruffian please?
2 participants
Summary
Updates the Localize Text export path so template text with backslashes and quotes is preserved correctly when it is wrapped for translation.
This covers localized text in normal block content, inline formatted content, and block-comment attributes. The change keeps the exported theme markup valid for strings that include a backslash before a quote, and adds regression coverage for those cases.
Test plan
npm run test:unit:php:base -- --filter CBT_Theme_Localevendor/bin/phpcs --standard=phpcs.xml.dist includes/create-theme/theme-locale.php tests/CbtThemeLocale/base.php tests/CbtThemeLocale/escapeTextContent.php tests/CbtThemeLocale/escapeAttribute.php tests/CbtThemeLocale/escapeBlockAttributes.php