Commit 25f5fda041a for woocommerce

commit 25f5fda041a65ab24873242a19774ba4bfb5ffb0
Author: Tom Cafferkey <tjcafferkey@gmail.com>
Date:   Thu Jul 2 12:57:27 2026 +0100

    StoreAPI: Sanitize email instead of texturize it (#66148)

    * sanitize email instead of texturize it

    * Add changefile(s) from automation for the following project(s): woocommerce

    * Unit test

    * Fix changelog

    * Add changefile(s) from automation for the following project(s): woocommerce

    * Update changelog

    * Move test

    ---------

    Co-authored-by: woocommercebot <woocommercebot@users.noreply.github.com>

diff --git a/plugins/woocommerce/changelog/66148-fix-billing-address-response-checkout-block b/plugins/woocommerce/changelog/66148-fix-billing-address-response-checkout-block
new file mode 100644
index 00000000000..8147b2c51d3
--- /dev/null
+++ b/plugins/woocommerce/changelog/66148-fix-billing-address-response-checkout-block
@@ -0,0 +1,4 @@
+Significance: patch
+Type: fix
+
+Sanitize instead of texturize the email address in the StoreAPI response
diff --git a/plugins/woocommerce/src/StoreApi/Schemas/V1/BillingAddressSchema.php b/plugins/woocommerce/src/StoreApi/Schemas/V1/BillingAddressSchema.php
index 0b73b95faa9..d6c4b262857 100644
--- a/plugins/woocommerce/src/StoreApi/Schemas/V1/BillingAddressSchema.php
+++ b/plugins/woocommerce/src/StoreApi/Schemas/V1/BillingAddressSchema.php
@@ -131,6 +131,8 @@ class BillingAddressSchema extends AbstractAddressSchema {
 			foreach ( $address_object as $key => $value ) {
 				if ( isset( $this->get_properties()[ $key ]['type'] ) && 'boolean' === $this->get_properties()[ $key ]['type'] ) {
 					$address_object[ $key ] = (bool) $value;
+				} elseif ( 'email' === $key ) {
+					$address_object[ $key ] = sanitize_email( $value );
 				} else {
 					$address_object[ $key ] = $this->prepare_html_response( $value );
 				}
diff --git a/plugins/woocommerce/tests/php/src/StoreApi/Schemas/V1/AbstractAddressSchemaTest.php b/plugins/woocommerce/tests/php/src/StoreApi/Schemas/V1/AbstractAddressSchemaTest.php
index 8d7b053e0ad..40d90d0b525 100644
--- a/plugins/woocommerce/tests/php/src/StoreApi/Schemas/V1/AbstractAddressSchemaTest.php
+++ b/plugins/woocommerce/tests/php/src/StoreApi/Schemas/V1/AbstractAddressSchemaTest.php
@@ -112,4 +112,21 @@ class AbstractAddressSchemaTest extends WC_Unit_Test_Case {
 		$this->assertSame( '123 Main Street', $result['address_1'], 'A plain field should be unchanged.' );
 		$this->assertSame( 'Suite 100', $result['address_2'], 'A plain field should be unchanged.' );
 	}
+
+	/**
+	 * @testdox Should not texturize billing email addresses in API responses.
+	 */
+	public function test_get_item_response_does_not_texturize_billing_email_address(): void {
+		$customer = new \WC_Customer();
+		$customer->set_billing_email( 'info@48x17.com' );
+
+		$result = $this->sut->get_item_response( $customer );
+
+		$this->assertArrayHasKey( 'email', $result );
+		$this->assertSame(
+			'info@48x17.com',
+			$result['email'],
+			'Billing email addresses should be returned as raw data, not typographic display text.'
+		);
+	}
 }