[wp-trac] [WordPress Trac] #63999: Ensure block comments are only displayed when requested and not in the comments thread

WordPress Trac noreply at wordpress.org
Wed Oct 1 12:09:32 UTC 2025 

#63999: Ensure block comments are only displayed when requested and not in the
comments thread
----------------------------+---------------------
 Reporter:  peterwilsoncc   |       Owner:  (none)
     Type:  task (blessed)  |      Status:  new
 Priority:  normal          |   Milestone:  6.9
Component:  Comments        |     Version:
 Severity:  normal          |  Resolution:
 Keywords:  has-patch       |     Focuses:
----------------------------+---------------------

Comment (by rollybueno):

 == Reproduction Report
 === Description
 This report validates whether block comments appear in public comment
 queries when they should be private by default.

 === Environment
 - WordPress: 6.9-alpha-60093-src
 - PHP: 8.2.29
 - Server: nginx/1.29.1
 - Database: mysqli (Server: 8.4.6 / Client: mysqlnd 8.2.29)
 - Browser: Chrome 140.0.0.0
 - OS: Linux
 - Theme: Twenty Twenty-Five 1.3
 - MU Plugins: None activated
 - Plugins:
   * Test Reports 1.2.0

 === Steps to Reproduce
 1. Create a post and add at least one normal comment and one block
 comment.
 2. Run get_comments() with these args:
 {{{
 ['post_id' => $post_id, 'status' => 'approve']
 ['post_id' => $post_id, 'type' => '', 'status' => 'approve']
 ['post_id' => $post_id, 'type' => 'all', 'status' => 'approve']
 }}}
 3. Observe that `block_comment` types are returned in each case.

 === Actual Results
 1. ✅ Error condition occurs (reproduced).

 === Additional Notes
 - `block_comment` created by the Gutenberg collaborative editing feature.
 I added through REST API since I can't find the interface 😅, but the
 experimental feature should be clearly speficy `block_comment` on the
 codes..
 - They are intended for internal/editorial use only and should never
 appear in public queries by default.
 - Currently, they are returned in the most common query cases (type unset,
 empty, or all).
 - This behavior risks exposing private editorial notes on the front end.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/63999#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list