Add PWA scripts sanitizer

[thelovekesh]

Summary

Add PWA scripts sanitizer which adds data-px-verified-tag to the offline/500 pages scripts.

Fixes #7122

Screenshots

Storing offline/500 templates in cache as AMP page with offline page reload scripts.

Checklist

• My code is tested and passes existing tests.
• My code follows the Engineering Guidelines (updates are often made to the guidelines, check it out periodically).

[thelovekesh]

@westonruter I have created XPath based on the offline script id attribute, which was added in PR - GoogleChromeLabs/pwa-wp#793

One more thing to notice is that if the PWA plugin is not available in the testing environment, the test for this sanitizer will fail due to the unavailability of is_offline and is_500. I thought to add this condition in tests but it doesn't seems much feasible. What are your thoughts in this case?

if (
	! ( function_exists( 'is_offline' ) && is_offline() ) &&
	! ( function_exists( 'is_500' ) && is_500() )
) {
	return;
}

[github-actions]

Plugin builds for 8dc21de are ready 🛎️!

• Download development build
• Download production build

[thelovekesh]

Tests are failing on WP Trunk after adding decoding="async" attribute in image tags in WordPress/wordpress-develop@2702591

[westonruter]

Tests are failing on WP Trunk after adding decoding="async" attribute in image tags in WordPress/wordpress-develop@2702591

As we discussed, to fix this lets just do the following in the various tests before we do any comparison with the $expected:

$actual = str_replace( ' decoding="async"', '', $actual );

[thelovekesh]

@westonruter I was exploring this scenario and found out that something like this was also added for the loading attribute but instead of hardcoding that a conditional expression is used

amp-wp/tests/php/test-amp-gallery-embed-handler.php

Lines 73 to 87 in 67cf385

	$loading_attribute = version_compare( get_bloginfo( 'version' ), '5.5-alpha', '>' ) ? 'loading="lazy"' : '';
	return [
	'shortcode_with_invalid_id' => [
	'[gallery ids=1]',
	'',
	],
	'shortcode_with_valid_ids_in_legacy_mode' => [
	'[gallery ids={{id1}},{{id2}},{{id3}}]',
	'<style type="text/css"> #gallery-1 { margin: auto; } #gallery-1 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-1 img { border: 2px solid #cfcfcf; } #gallery-1 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */ </style>
	<amp-carousel width="640" height="480" type="slides" layout="responsive">
	<figure class="slide"><a href="{{file_url1}}"><img width="100" height="100" src="{{file1}}.jpg" class="attachment-large size-large" alt="Alt text" ' . $loading_attribute . ' aria-describedby="gallery-1-{{id1}}" layout="fill" object-fit="cover"></a>' . $amp_carousel_caption . '</figure>
	<figure class="slide"><a href="{{file_url2}}"><img width="640" height="480" src="{{file2}}.jpg" class="attachment-large size-large" alt="Alt text" ' . $loading_attribute . ' srcset="{{file2}}.jpg 640w, {{file2}}-300x225.jpg 300w" sizes="(max-width: 640px) 100vw, 640px" layout="fill" object-fit="cover"></a></figure>
	<figure class="slide"><a href="{{file_url3}}"><img width="100" height="100" src="{{file3}}.jpg" class="attachment-large size-large" alt="Alt text" ' . $loading_attribute . ' layout="fill" object-fit="cover"></a></figure>
	</amp-carousel>',

Should I try something similar?

$decoding_attribute   = version_compare( get_bloginfo( 'version' ), '6.0', '>' ) ? 'decoding="async"' : '';

I believe the decoding attribute is going to be introduced in 6.1.

[westonruter]

Should I try something similar?

That would be better, yes.

[thelovekesh]

@westonruter Now the static analysis is failing. I think this can be because of the new PHPStan release.

With PHPStan version 1.7.11

With PHPStan version 1.7.12

[westonruter]

Here's how I've been forcing to update my local PHPStan:

rm vendor/bin/phpstan
composer install --no-cache

[thelovekesh]

Thanks for the info on this step 🙇🏼‍♂️

[westonruter]

Good work. Thank you.