Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Only move meta tags to the head when required and add processing for meta[http-equiv] #4505

Merged
merged 8 commits into from
Apr 2, 2020

Conversation

pierlon
Copy link
Contributor

@pierlon pierlon commented Apr 1, 2020

Summary

Fixes #4502.

  • Only move meta tags to the head when they are required to be moved; allow other tags to be in the body (in particular HTML5 Microdata tags).
  • Add explicit recognition for meta[http-equiv] tags.
  • Add tests for all discretely-recognized meta tags.
  • Add tests to assert the contents of the validator spec to catch unexpected changes.

Checklist

  • My pull request is addressing an open issue (please create one otherwise).
  • My code is tested and passes existing tests.
  • My code follows the Engineering Guidelines (updates are often made to the guidelines, check it out periodically).

@googlebot googlebot added the cla: yes Signed the Google CLA label Apr 1, 2020
@pierlon pierlon requested a review from westonruter April 1, 2020 23:45
@westonruter westonruter requested a review from schlessera April 2, 2020 00:06
$meta_element->parentNode->removeChild( $meta_element );
}

continue;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why continue?

*/
if (
$meta_element->hasAttribute( 'name' ) &&
preg_match( '/(^|\\s)(amp-.*|amp4ads-.*|apple-itunes-app|content-disposition|revisit-after|viewport)(\\s|$)/', $meta_element->getAttribute( 'name' ) )
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It makes me nervous to hard-code this here. It seems better to grab it from the spec.

@westonruter westonruter added this to the v1.5.2 milestone Apr 2, 2020
@westonruter westonruter changed the title Do not process generic meta tags Only move meta tags to the head when required and add processing for meta[http-equiv] Apr 2, 2020
@westonruter
Copy link
Member

@pierlon Please review my additions.

Copy link
Contributor Author

@pierlon pierlon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @westonruter, fetching the deny pattern from the spec makes things much more robust 👍 .

* @return string Deny pattern.
*/
private function get_body_meta_tag_name_attribute_deny_pattern() {
static $pattern = null;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My initial method of directly supplying the pattern was indeed brittle in retrospect. Getting the pattern from the spec and making it static is much more robust.

@@ -30,7 +61,42 @@ public function get_data_for_sanitize() {

$amp_boilerplate = amp_get_boilerplate_code();

return [
$meta_charset = '<meta charset="utf-8">';
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These tests here are much more extensive than what I had before and covers the happy path of execution, along with potential mishaps that may occur 👍.

@westonruter westonruter merged commit 61ecee7 into develop Apr 2, 2020
@westonruter westonruter deleted the fix/4502-meta-tags-in-body branch April 2, 2020 14:44
@westonruter
Copy link
Member

Pre-release build for testing: amp.zip (1.5.2-alpha-20200402T153920Z-03af649a3)

westonruter added a commit that referenced this pull request Apr 2, 2020
…meta[http-equiv] (#4505)

* Do not process generic meta tags

* Obtain non-body meta name attribute pattern from spec

* Make use of BODY_ANCESTOR_META_TAG_SPEC_NAME constant

* Test meta[schema] and meta[property]

* Add recognition and repositioning of meta[http-equiv] elements

* Add critical use_document_element=true arg for AMP_Tag_And_Attribute_Sanitizer

* Add tests for the discrete spec'ed meta tags

Co-authored-by: Weston Ruter <westonruter@google.com>
@westonruter
Copy link
Member

@amedina
Copy link
Member

amedina commented Apr 3, 2020

QA: verified meta tags are not being moved to the head.

Screen Shot 2020-04-03 at 12 41 01 PM

Screen Shot 2020-04-03 at 12 40 48 PM

Screen Shot 2020-04-03 at 12 42 08 PM

westonruter added a commit that referenced this pull request Apr 3, 2020
* tag '1.5.2':
  Bump 1.5.2
  Bump version to 1.5.1-RC1
  Cache response status and headers when fetching external stylesheets (#4509)
  Fix securing multi-line mustache templates (#4521)
  Add CSS monitoring time series to Site Health debugging info (#4519)
  Update hostname used for WordPress TV embeds to fix external HTTP requests (#4524)
  Fix processing of element child sanitization loop when invalid elements are replaced with children (#4512)
  Account for more YouTube URL formats (#4508)
  Update selected featured image ID on select (#4453)
  Raise default threshold for disabling CSS caching (#4513)
  Cast i-amphtml-intrinsic-sizer dimensions to integers (#4506)
  Only move meta tags to the head when required and add processing for meta[http-equiv] (#4505)
  Fix failing tests (#4507)
  Bump 1.5.2-alpha
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cla: yes Signed the Google CLA
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Meta sanitizer erroneously moves HTML5 microdata meta tags to head
5 participants