Fix/invalid field ids #41564
Fix/invalid field ids #41564
Conversation
edanzer
added
[Type] Bug
|
Are you an Automattician? Please test your changes on all WordPress.com environments to help mitigate accidental explosions.
Interested in more tips and information?
|
github-actions
bot
added
[Package] Forms
[Plugin] Jetpack
|
Thank you for your PR! When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:
This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖 The e2e test report can be found here. Please note that it can take a few minutes after the e2e tests checks are complete for the report to be available. Follow this PR Review Process:
Still unsure? Reach out in #jetpack-developers for guidance! Jetpack plugin: The Jetpack plugin has different release cadences depending on the platform:
If you have any questions about the release process, please ask in the #jetpack-releases channel on Slack. |
| @@ -745,7 +745,7 @@ private function render_consent_field( $id, $class ) { | |||
| /** | |||
| * Return the HTML for the multiple checkbox field. | |||
| * | |||
| * @param int $id - the ID. | |||
| * @param string $id - the ID (starts with 'g' - see constructor). | |||
There was a problem hiding this comment.
$id is always a string. See contructor around line 150 where it is set. This is relevant because a valid html ID need to start with a letter, not a number.
Code Coverage SummaryThis PR did not change code coverage! That could be good or bad, depending on the situation. Everything covered before, and still is? Great! Nothing was covered before? Not so great. 🤷 |
| @@ -674,11 +674,11 @@ public function render_radio_field( $id, $label, $value, $class, $required, $req | |||
| $option = Contact_Form_Plugin::strip_tags( $option ); | |||
| if ( is_string( $option ) && $option !== '' ) { | |||
| $radio_value = $this->get_option_value( $this->get_attribute( 'values' ), $option_index, $option ); | |||
| $radio_id = "$id-$radio_value"; | |||
| $radio_id = sanitize_html_class( $id ) . '-' . sanitize_html_class( $radio_value ); | |||
There was a problem hiding this comment.
I don't think we need to wrap $id with sanitize_html_class( $id ). Since if this is the case we would need to do it in a few different places as well see line 668.
|
I didn't know about I wonder if something a bit different would do the trick mostly since we could have a case where we would produce the same ID and then we could take care of cases where a user could by accident produce the same ID. Since the function produces the same ID we end up with the case where when you click on Granted it is a bit of an edge case but |
Fixes #41527
Proposed changes:
For radio and multiple checkbox fields, when outputting options to the apage, we are using the option values for html id's. But option values can have spaces or odd characters, which produces invalid html ids. This PR uses the santize_html_class() method to strip white space and other non-valid characters.
Example of the issue:
QUESTION: Do we need to worry about backward compatibility issues when adjusting field ids. For now, my view is no. But the two likely concerns would be
(1) users applying custom CSS or JS to fields using the field ID
(2) changing the field IDS on existing forms -> as far as I can tell, those field ids are not used downstream for manipulating form submissions, but if we were or users are via custom code, that could have an impact.
If we are concerned, we could consider wrapping the id output in conditionals - output the same as we have if the resulting value is valid, else output the new version (this new version would still be different, but if the old one was invalid, it's moot).
Other information:
Jetpack product discussion
None.
Does this pull request change what data or activity we track or use?
No.
Testing instructions: