HTML API: Check tag namespace in ::set_modifiable_text().

The method should only apply to special "atomic" HTML tags like `SCRIPT` or `TEXTAREA`. `::set_modifiable_text()` should not apply to tags with the same name in other namespaces.

Developed in #11083.

Props jonsurrell, dmsnell, westonruter.
Fixes #64751.


git-svn-id: https://develop.svn.wordpress.org/trunk@61796 602fd350-edb4-49c9-b593-d223f7449a82

Author: sirreal

src/wp-includes/html-api/class-wp-html-tag-processor.php

@@ -3817,7 +3817,14 @@ public function set_modifiable_text( string $plaintext_content ): bool {
 			return true;
 		}
 
-		if ( self::STATE_MATCHED_TAG !== $this->parser_state ) {
+		/*
+		 * The rest of this function handles modifiable text for special "atomic" HTML elements.
+		 * Only tags in the HTML namespace should be processed.
+		 */
+		if (
+			self::STATE_MATCHED_TAG !== $this->parser_state ||
+			'html' !== $this->get_namespace()
+		) {
 			return false;
 		}
 

tests/phpunit/tests/html-api/wpHtmlProcessorModifiableText.php

@@ -24,7 +24,7 @@ class Tests_HtmlApi_WpHtmlProcessorModifiableText extends WP_UnitTestCase {
 	 * @param string $set_text         Text to set.
 	 * @param string $expected_html    Expected HTML output.
 	 */
-	public function test_modifiable_text_special_textarea( string $set_text, string $expected_html ) {
+	public function test_modifiable_text_special_textarea( string $set_text, string $expected_html ): void {
 		$processor = WP_HTML_Processor::create_fragment( '<textarea></textarea>' );
 		$processor->next_token();
 		$processor->set_modifiable_text( $set_text );
@@ -50,9 +50,9 @@ public function test_modifiable_text_special_textarea( string $set_text, string
 	/**
 	 * Data provider.
 	 *
-	 * @return array[]
+	 * @return array<string, array{0: string, 1: string}>
 	 */
-	public static function data_modifiable_text_special_textarea() {
+	public static function data_modifiable_text_special_textarea(): array {
 		return array(
 			'Leading newline'                   => array(
 				"\nAFTER NEWLINE",
@@ -68,4 +68,59 @@ public static function data_modifiable_text_special_textarea() {
 			),
 		);
 	}
+
+	/**
+	 * Ensures that `set_modifiable_text()` returns false for elements that are not special "atomic" elements.
+	 *
+	 * This includes atomic-like foreign elements (`<svg><textarea>`) as well as arbitrary HTML
+	 * elements (`<div>`).
+	 *
+	 * @ticket 64751
+	 * @dataProvider data_set_modifiable_fails_non_atomic_tags
+	 */
+	public function test_set_modifiable_fails_non_atomic_tags(
+		string $html,
+		string $target_tag
+	): void {
+		$processor = WP_HTML_Processor::create_fragment( $html );
+		$this->assertNotNull( $processor, 'Failed to create a processor.' );
+		$this->assertTrue( $processor->next_tag( $target_tag ), 'Failed to find target tag.' );
+		$this->assertFalse(
+			$processor->set_modifiable_text( 'test' ),
+			"set_modifiable_text() should return false on {$processor->get_namespace()}:{$processor->get_qualified_tag_name()}."
+		);
+		$this->assertSame(
+			$html,
+			$processor->get_updated_html(),
+			'HTML should be unchanged after rejected set_modifiable_text().'
+		);
+	}
+
+	/**
+	 * Data provider.
+	 *
+	 * @return array<string, array{0: string, 1: string, 2: string}>
+	 */
+	public static function data_set_modifiable_fails_non_atomic_tags(): array {
+		return array(
+			// Plain HTML tags.
+			'html DIV'                   => array( '<div>', 'DIV' ),
+
+			// Foreign elements with non-atomic tags.
+			'svg PATH'                   => array( '<svg><path></path></svg>', 'PATH' ),
+			'svg PATH (self-closing)'    => array( '<svg><path /></svg>', 'PATH' ),
+			'math MTEXT'                 => array( '<math><mtext></mtext></math>', 'MTEXT' ),
+			'math MSPACE (self-closing)' => array( '<math><mspace /></math>', 'MSPACE' ),
+
+			// Foreign elements with atomic-like tags.
+			'svg TEXTAREA'               => array( '<svg><textarea></textarea></svg>', 'TEXTAREA' ),
+			'svg TITLE'                  => array( '<svg><title></title></svg>', 'TITLE' ),
+			'svg STYLE'                  => array( '<svg><style></style></svg>', 'STYLE' ),
+			'svg SCRIPT'                 => array( '<svg><script></script></svg>', 'SCRIPT' ),
+			'math TEXTAREA'              => array( '<math><textarea></textarea></math>', 'TEXTAREA' ),
+			'math TITLE'                 => array( '<math><title></title></math>', 'TITLE' ),
+			'math STYLE'                 => array( '<math><style></style></math>', 'STYLE' ),
+			'math SCRIPT'                => array( '<math><script></script></math>', 'SCRIPT' ),
+		);
+	}
 }

tests/phpunit/tests/html-api/wpHtmlTagProcessorModifiableText.php

@@ -644,7 +644,7 @@ public function test_json_auto_escaping() {
 	 *
 	 * @ticket 64609
 	 */
-	public function test_modifiable_text_special_textarea() {
+	public function test_modifiable_text_special_textarea(): void {
 		$processor = new WP_HTML_Tag_Processor( '<textarea></textarea>' );
 		$processor->next_token();
 		$processor->set_modifiable_text( "\nAFTER NEWLINE" );
@@ -664,4 +664,60 @@ public function test_modifiable_text_special_textarea() {
 			'Should have preserved the leading newline in the content.'
 		);
 	}
+
+	/**
+	 * Ensures that `set_modifiable_text()` returns false for elements that are
+	 * not special "atomic" elements.
+	 *
+	 * This includes atomic-like foreign elements as well as non-atomic foreign elements.
+	 *
+	 * @ticket 64751
+	 * @dataProvider data_set_modifiable_fails_non_atomic_tags
+	 */
+	public function test_set_modifiable_fails_non_atomic_tags(
+		string $html,
+		string $parsing_namespace,
+		string $target_tag
+	): void {
+		$processor = new WP_HTML_Tag_Processor( $html );
+		$processor->change_parsing_namespace( $parsing_namespace );
+		$this->assertTrue( $processor->next_tag( $target_tag ), 'Failed to find target tag.' );
+		$this->assertFalse(
+			$processor->set_modifiable_text( 'test' ),
+			"set_modifiable_text() should return false for {$parsing_namespace}:{$target_tag}."
+		);
+		$this->assertSame(
+			$html,
+			$processor->get_updated_html(),
+			'HTML should be unchanged after rejected set_modifiable_text().'
+		);
+	}
+
+	/**
+	 * Data provider.
+	 *
+	 * @return array<string, array{0: string, 1: string, 2: string}>
+	 */
+	public static function data_set_modifiable_fails_non_atomic_tags(): array {
+		return array(
+			// Plain HTML tags.
+			'html DIV'                   => array( '<div>', 'html', 'DIV' ),
+
+			// Foreign elements with non-atomic tags.
+			'svg PATH'                   => array( '<path></path>', 'svg', 'PATH' ),
+			'svg PATH (self-closing)'    => array( '<path />', 'svg', 'PATH' ),
+			'math MTEXT'                 => array( '<mtext></mtext>', 'math', 'MTEXT' ),
+			'math MSPACE (self-closing)' => array( '<mspace />', 'math', 'MSPACE' ),
+
+			// Foreign elements with atomic-like tags.
+			'svg TEXTAREA'               => array( '<textarea></textarea>', 'svg', 'TEXTAREA' ),
+			'svg TITLE'                  => array( '<title></title>', 'svg', 'TITLE' ),
+			'svg STYLE'                  => array( '<style></style>', 'svg', 'STYLE' ),
+			'svg SCRIPT'                 => array( '<script></script>', 'svg', 'SCRIPT' ),
+			'math TEXTAREA'              => array( '<textarea></textarea>', 'math', 'TEXTAREA' ),
+			'math TITLE'                 => array( '<title></title>', 'math', 'TITLE' ),
+			'math STYLE'                 => array( '<style></style>', 'math', 'STYLE' ),
+			'math SCRIPT'                => array( '<script></script>', 'math', 'SCRIPT' ),
+		);
+	}
 }