ampproject / amp-wp

Enable AMP on your WordPress site, the WordPress way.
https://wordpress.org/plugins/amp/
GNU General Public License v2.0
1.79k stars 383 forks source link

Site scanner Inconsistencies. #6668

Closed milindmore22 closed 3 years ago

milindmore22 commented 3 years ago

Bug Description

As per comment https://github.com/ampproject/amp-wp/pull/6610#issuecomment-953006468 and https://github.com/ampproject/amp-wp/pull/6610#issuecomment-953169660

Rescanning the site show no errors however we do see errors in response pointing to the core, following is sample json

Here is full Pastebin of a response JSON

Expected Behaviour

Should point out the actual plugin causing the invalidations and not the core.

Screenshots

Errors on the bbpress forum topics

image

Errors expanded

image

PHP Version

7.4

Plugin Version

develop

AMP plugin template mode

Reader

WordPress Version

5.8

Site Health

### wp-core ###

version: 5.8.1
site_language: en_US
user_language: en_US
timezone: +00:00
permalink: /%postname%/
https_status: true
multisite: false
user_registration: 0
blog_public: 0
default_comment_status: open
environment_type: production
user_count: 3
dotorg_communication: true

### wp-paths-sizes ###

wordpress_path: /srv/www/amp-local/public_html
wordpress_size: loading...
uploads_path: /srv/www/amp-local/public_html/wp-content/uploads
uploads_size: loading...
themes_path: /srv/www/amp-local/public_html/wp-content/themes
themes_size: loading...
plugins_path: /srv/www/amp-local/public_html/wp-content/plugins
plugins_size: loading...
database_size: loading...
total_size: loading...

### wp-active-theme ###

name: ColorMag (colormag)
version: 2.1.0
author: ThemeGrill
author_website: https://themegrill.com
parent_theme: none
theme_features: core-block-patterns, widgets-block-editor, automatic-feed-links, post-thumbnails, menus, custom-background, title-tag, post-formats, html5, custom-logo, customize-selective-refresh-widgets, align-wide, wp-block-styles, responsive-embeds, starter-content, custom-header, widgets
theme_path: /srv/www/amp-local/public_html/wp-content/themes/colormag
auto_update: Disabled

### wp-themes-inactive (6) ###

Twenty Fifteen Child: version: 1.0.0, author: John Doe, Auto-updates disabled
Twenty Fifteen: version: 3.0, author: the WordPress team, Auto-updates disabled
Twenty Nineteen: version: 2.1, author: the WordPress team, Auto-updates disabled
Twenty Seventeen: version: 2.8, author: the WordPress team, Auto-updates disabled
Twenty Twenty: version: 1.8, author: the WordPress team, Auto-updates disabled
Twenty Twenty-One: version: 1.4, author: the WordPress team, Auto-updates disabled

### wp-plugins-active (2) ###

AMP: version: 2.2.0-alpha, author: AMP Project Contributors, Auto-updates disabled
bbPress: version: 2.6.6, author: The bbPress Contributors, Auto-updates disabled

### wp-plugins-inactive (5) ###

Akismet Anti-Spam: version: 4.2.1, author: Automattic, Auto-updates disabled
Contact Form 7: version: 5.5.2, author: Takayuki Miyoshi, Auto-updates disabled
Hello Dolly: version: 1.7.2, author: Matt Mullenweg, Auto-updates disabled
WordPress Importer: version: 0.7, author: wordpressdotorg, Auto-updates disabled
Yoast SEO: version: 17.4, author: Team Yoast, Auto-updates disabled

### wp-media ###

image_editor: WP_Image_Editor_Imagick
imagick_module_version: 1687
imagemagick_version: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
imagick_version: 3.5.1
file_uploads: File uploads is turned off
post_max_size: 1024M
upload_max_filesize: 1024M
max_effective_size: 1 GB
max_file_uploads: 20
imagick_limits: 
    imagick::RESOURCETYPE_AREA: 122 MB
    imagick::RESOURCETYPE_DISK: 1073741824
    imagick::RESOURCETYPE_FILE: 768
    imagick::RESOURCETYPE_MAP: 512 MB
    imagick::RESOURCETYPE_MEMORY: 256 MB
    imagick::RESOURCETYPE_THREAD: 1
imagemagick_file_formats: 3FR, AAI, AI, ART, ARW, AVI, AVS, BGR, BGRA, BGRO, BIE, BMP, BMP2, BMP3, BRF, CAL, CALS, CANVAS, CAPTION, CIN, CIP, CLIP, CMYK, CMYKA, CR2, CRW, CUR, CUT, DATA, DCM, DCR, DCX, DDS, DFONT, DNG, DPX, DXT1, DXT5, EPDF, EPI, EPS, EPS2, EPS3, EPSF, EPSI, EPT, EPT2, EPT3, ERF, FAX, FILE, FITS, FRACTAL, FTP, FTS, G3, G4, GIF, GIF87, GRADIENT, GRAY, GROUP4, H, HALD, HDR, HISTOGRAM, HRZ, HTM, HTML, HTTP, HTTPS, ICB, ICO, ICON, IIQ, INFO, INLINE, IPL, ISOBRL, ISOBRL6, JBG, JBIG, JNG, JNX, JPE, JPEG, JPG, JPS, JSON, K25, KDC, LABEL, M2V, M4V, MAC, MAGICK, MAP, MASK, MAT, MATTE, MEF, MIFF, MKV, MNG, MONO, MOV, MP4, MPC, MPEG, MPG, MRW, MSL, MTV, MVG, NEF, NRW, NULL, ORF, OTB, OTF, PAL, PALM, PAM, PATTERN, PBM, PCD, PCDS, PCL, PCT, PCX, PDB, PDF, PDFA, PEF, PES, PFA, PFB, PFM, PGM, PICON, PICT, PIX, PJPEG, PLASMA, PNG, PNG00, PNG24, PNG32, PNG48, PNG64, PNG8, PNM, PPM, PREVIEW, PS, PS2, PS3, PSB, PSD, PTIF, PWP, RADIAL-GRADIENT, RAF, RAS, RAW, RGB, RGBA, RGBO, RGF, RLA, RLE, RMF, RW2, SCR, SCT, SFW, SGI, SHTML, SIX, SIXEL, SPARSE-COLOR, SR2, SRF, STEGANO, SUN, TEXT, TGA, THUMBNAIL, TIFF, TIFF64, TILE, TIM, TTC, TTF, TXT, UBRL, UBRL6, UIL, UYVY, VDA, VICAR, VID, VIFF, VIPS, VST, WBMP, WMV, WPG, X, X3F, XBM, XC, XCF, XPM, XPS, XV, XWD, YCbCr, YCbCrA, YUV
gd_version: 2.3.0
gd_formats: GIF, JPEG, PNG, WebP, BMP, XPM
ghostscript_version: 9.26

### wp-server ###

server_architecture: Linux 4.15.0-161-generic x86_64
httpd_software: nginx/1.21.3
php_version: 7.4.24 64bit
php_sapi: fpm-fcgi
max_input_variables: 1000
time_limit: 30
memory_limit: 128M
admin_memory_limit: 256M
max_input_time: 60
upload_max_filesize: 1024M
php_post_max_size: 1024M
curl_version: 7.58.0 OpenSSL/1.1.1
suhosin: false
imagick_availability: true
pretty_permalinks: true

### wp-database ###

extension: mysqli
server_version: 10.5.12-MariaDB-1:10.5.12+maria~bionic
client_version: mysqlnd 7.4.24

### wp-constants ###

WP_HOME: undefined
WP_SITEURL: undefined
WP_CONTENT_DIR: /srv/www/amp-local/public_html/wp-content
WP_PLUGIN_DIR: /srv/www/amp-local/public_html/wp-content/plugins
WP_MEMORY_LIMIT: 40M
WP_MAX_MEMORY_LIMIT: 256M
WP_DEBUG: true
WP_DEBUG_DISPLAY: true
WP_DEBUG_LOG: true
SCRIPT_DEBUG: true
WP_CACHE: false
CONCATENATE_SCRIPTS: undefined
COMPRESS_SCRIPTS: undefined
COMPRESS_CSS: undefined
WP_LOCAL_DEV: undefined
DB_CHARSET: utf8
DB_COLLATE: undefined

### wp-filesystem ###

wordpress: writable
wp-content: writable
uploads: writable
plugins: writable
themes: writable
mu-plugins: writable

### amp_wp ###

amp_slug_query_var: amp
amp_slug_defined_late: false
amp_mode_enabled: reader
amp_reader_theme: legacy
amp_templates_enabled: post, page, attachment
amp_serve_all_templates: This option does not apply to Reader mode.
amp_css_transient_caching_disabled: false
amp_css_transient_caching_threshold: 5000 transients per day
amp_css_transient_caching_sampling_range: 14 days
amp_css_transient_caching_transient_count: 91
amp_css_transient_caching_time_series: 
    20210420: 0
    20210603: 0
    20210607: 0
    20210609: 0
    20210615: 57
    20210625: 57
    20210802: 20
    20210809: 20
    20211020: 0
    20211021: 0
    20211026: 28
    20211027: 69
    20211028: 88
    20211029: 91
amp_libxml_version: 2.9.12

Gutenberg Version

checked without gutenberg

OS(s) Affected

NA

Browser(s) Affected

NA

Device(s) Affected

NA

Acceptance Criteria

No response

Implementation Brief

No response

QA Testing Instructions

No response

Demo

No response

Changelog Entry

No response

westonruter commented 3 years ago

I see. It's because bbPress is adding the Quicktags to the forum reply form:

image

I can see the errors specifically when in legacy Reader mode:

image

The reason we're not detecting it coming from bbPress is that bbPress has a template tag bbp_the_content() which is calling wp_editor(). If I filter bbp_use_wp_editor to be false, then those unattributed validation errors go away.

Since the printing isn't happening via an action, there's no callback for us to wrap to detect who is responsible. And because wp_enqueue_script() doesn't have any hooks inside of it, we can't use debug_backtrace() to look up the call stack to discover the source either.

One option would be for us to add special condition to mark all scripts/styles added by wp_editor() as being in dev mode so that they won't be removed, which would work since the form is only printed when a user is logged-in, unless this option is enabled:

image

This wouldn't necessary if in the loose sandboxing level, however.

Otherwise, the reality is that bbPress is not AMP-compatible. In legacy Reader mode, nothing is even printed in the legacy post template:

image

I'm trying to think of how we might special case calls to wp_editor() for attribution.

westonruter commented 3 years ago

I'm trying to think of how we might special case calls to wp_editor() for attribution.

I've added the special case in #6670.

milindmore22 commented 2 years ago

QA Passed Didn't notice any validation errors pointing to WP Core.