Automattic / VIP-Coding-Standards

PHP_CodeSniffer ruleset to enforce WordPress VIP coding standards.
https://wpvip.com/documentation/how-to-install-php-code-sniffer-for-wordpress-com-vip/
Other
236 stars 40 forks source link

False positive htmlAttrNotByEscHTML #680

Closed kkmuffme closed 3 years ago

kkmuffme commented 3 years ago

Bug Description

False positive

Minimal Code Snippet

for ( $i = 1; $i <= 10; $i++ ) { ?>
    <option value="<?php echo esc_attr( $i ); ?>" <?php echo ( $filter_importance === $i ) ? 'selected' : ''; ?> >
        &gt;=<?php echo esc_html( $i ); ?>
    </option>
<?php } ?>

Error Code

WordPressVIPMinimum.Security.ProperEscapingFunction.htmlAttrNotByEscHTML for &gt;=<?php echo esc_html( $i ); ?>

Environment

Use php -v and composer show to get versions.

Question Answer
PHP version 7.4.14
PHP_CodeSniffer version 3.6.0
VIPCS version 2.3.1

Tested Against master branch?

jrfnl commented 3 years ago

This should be fixed by PR #681. Testing appreciated.