升级到 Wordpress 5.4 后,我们发现它<p>在 Javascript 代码中插入了流氓标签,而这些代码以前用于我们的 Buddypress 活动提要。
代码包含在对 bp_get_template_part 的调用中:
bp_get_template_part( 'activity/submit-tabs' );
下面是来自 Web 检查器的代码示例,显示了这些 roque<p>标记:
<p><script>
jQuery(function($) {
var input = $('#our-activity-action-input');
var privacy = $('#our-activity-action-privacy');
var type = $('#our-activity-action-type');
var button = $('#our-activity-action-button');</p>
<p> type.change(function() {
var typeValue = type.val();
var placeholder = '';</p>
<p> if (typeValue == 'news') {
placeholder = 'Enter the URL of a news article you’d like to rate or fact-check.';
}</p>
<p> input.attr('placeholder', placeholder);
});</p>
<p> button.click(function() {
var inputValue = input.val().trim();</p>
<p> if (!inputValue) {
input.val('').focus();
return false;
}</p>
<p> var submitAction = function() {
var typeValue = type.val();</p>
<p> var action;
var actionInput;
var actionSubmit;</p>
<p> if (typeValue == 'news') {
action = $('.our-activity-actions .action-news');
actionInput = action.find('#af_ournews_url_input');
actionSubmit = action.find('#af_ournews_url_submit');
} else if (typeValue == 'claim') {
action = $('.our-activity-actions .action-claim');
actionInput = action.find('#af_ournews_url_input_quote');
actionSubmit = action.find('#af_ournews_url_submit_quote');
} else if (typeValue == 'status') {
action = $('.our-activity-actions .action-status');
actionInput = action.find('#whats-new');
actionSubmit = action.find('#aw-whats-new-submit');
}
千巷猫影