search

WPTT / WPThemeReview

PHP_CodeSniffer rules (sniffs) to enforce WordPress theme review coding conventions
MIT License
208 stars 38 forks source link

Add sniff for URL shorteners used in a theme #216

Closed dingo-d closed 5 years ago

dingo-d commented 5 years ago

Adds a check in the content for the URL shorteners.

Related issue: #179

dingo-d commented 5 years ago

4256d38#diff-3c0ff2ea9af505b6b940d0d24fc49c62R50

hootsuite's shortened URLs are ow.ly

https://github.com/cydrobolt/polr polrproject.net isn't a shortened URL it's a shortener (self-hosted ), not really a good way to detect that.

I could add polr.me to the list, but since it's self hosted shortener API there is no way to check for all the shorteners out there.

The general idea was to check for some of the most common shortened URLs.

The main question I have is: Is this meant to check for shortened URLs ? or for themes offering the use of URL shorteners ?

The sniff should check if shortened URLs are used somewhere in the theme, like link to the authors profile hardcoded in the footer or something like that. The issue with them is that we cannot know where they point to - could be to some spam site or who knows where.

I guess the test example is the issue, and looking at it now, I can see that this theme should have a closer inspection (sounds like its bundling some plugin functionality in the theme).

I'll change the list of the shortened URLs.

jrfnl commented 5 years ago

The sniff should check if shortened URLs are used somewhere in the theme

In that case, I'd suggest naming the sniff NoShortenedURLs or even just ShortenedURLs. The current sniff name gives the impression that it's about themes offering URL shortening within the theme.

dingo-d commented 5 years ago

@jrfnl I've made the changes you requested and added additional tests after searching the themes directory. I've found one peculiar case I didn't know how to process (or if it should be processed at all). There was a comment in scss file that looked like

// Better font-rendering - http://goo.gl/GLuNVb

Now I'm not sure that phpcs can sniff scss files. They are compiled to css, and these kind of comments are removed in the final product so I guess we can rule this out.

I did 'turn' this into css comment /* */ and tested against this and it detects this, so I guess it's ok.