Performance/BatcacheWhitelistedParams: remove the sniff #774
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Remove the sniff.
* Remove the related test in the `WordPressVIPMinimum/ruleset-test.inc` file.
* Remove the error silencing from VIP-Go.
* Remove the related test in the `WordPress-VIP-Go/ruleset-test.inc` file.
This one is a little more involved. Basically the call to `wp_verify_nonce()`, which is being removed, was "silencing" the nonce verification error for other tests as well, most notably for the tests on line 83-85, due to most tests being in the global scope.
Looking at it more closely, turns out that line 83 wasn't testing what it was supposed to be testing.
The error which was previously being thrown on line 83 was about the nonce verification being missing, while the test is annotated to be about the `WordPress.Security.ValidatedSanitizedInput[.InputNotSanitized]` error, which wasn't being thrown.
Adding a nonce verification check on some empty lines above these tests gets rid of the nonce verification errors, but now left line 83 not testing anything at all (as no key is accessed in the superglobal).
Adding a random key gets us the error which was intended to be thrown on this line, but now also adds the "missing validation" error. IMO, this is correct (better than it was before), so I'm also updating the test expectations for line 83.
GaryJones
force-pushed
the
3.0/fix/613-remove-batcache-sniff
branch
from
18a2f4b to
7eabe1b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
WordPressVIPMinimum/ruleset-test.incfile.WordPress-VIP-Go/ruleset-test.incfile.This one is a little more involved. Basically the call to
wp_verify_nonce(), which is being removed, was "silencing" the nonce verification error for other tests as well, most notably for the tests on line 83-85, due to most tests being in the global scope.Looking at it more closely, turns out that line 83 wasn't testing what it was supposed to be testing.
The error which was previously being thrown on line 83 was about the nonce verification being missing, while the test is annotated to be about the
WordPress.Security.ValidatedSanitizedInput[.InputNotSanitized]error, which wasn't being thrown.Adding a nonce verification check on some empty lines above these tests gets rid of the nonce verification errors, but now left line 83 not testing anything at all (as no key is accessed in the superglobal).
Adding a random key gets us the error which was intended to be thrown on this line, but now also adds the "missing validation" error. IMO, this is correct (better than it was before), so I'm also updating the test expectations for line 83.
Fixes #613