Ticket #55966: 55966.4.diff
File 55966.4.diff, 2.7 KB (added by , 2 years ago) |
---|
-
src/wp-includes/kses.php
diff --git a/src/wp-includes/kses.php b/src/wp-includes/kses.php index 1c581b3714..51a5d29d7e 100644
a b function safecss_filter_attr( $css, $deprecated = '' ) { 2471 2471 $css_test_string = preg_replace( '/\b(?:calc|min|max|minmax|clamp)\(((?:\([^()]*\)?|[^()])*)\)/', '', $css_test_string ); 2472 2472 2473 2473 // Allow CSS var(). 2474 $css_test_string = preg_replace( '/\(?var\(--[\w \-\()[\]\,\s]*\)/', '', $css_test_string );2474 $css_test_string = preg_replace( '/\(?var\(--[\w|%\-\()[\]\,\s]*\)/', '', $css_test_string ); 2475 2475 2476 2476 // Check for any CSS containing \ ( & } = or comments, 2477 2477 // except for url(), calc(), or var() usage checked above. -
tests/phpunit/tests/kses.php
diff --git a/tests/phpunit/tests/kses.php b/tests/phpunit/tests/kses.php index 9f5648e8df..8ac8581b26 100644
a b EOF; 1141 1141 'css' => 'width: clamp(100px, 50%, 100vw)', 1142 1142 'expected' => 'width: clamp(100px, 50%, 100vw)', 1143 1143 ), 1144 // Allow two functions in the same CSS. 1145 array( 1146 'css' => 'width: clamp(min(100px, 350px), 50%, 500px), 600px)', 1147 'expected' => 'width: clamp(min(100px, 350px), 50%, 500px), 600px)', 1148 ), 1149 // Allow gradient() function. 1150 array( 1151 'css' => 'background: linear-gradient(90deg, rgba(2,0,36,1) 0%, rgba(9,9,121,1) 35%, rgba(0,212,255,1) 100%)', 1152 'expected' => 'background: linear-gradient(90deg, rgba(2,0,36,1) 0%, rgba(9,9,121,1) 35%, rgba(0,212,255,1) 100%)', 1153 ), 1144 1154 // Combined CSS function names. 1145 1155 array( 1146 1156 'css' => 'width: calcmax(100px + 50%)', … … EOF; 1161 1171 'css' => 'padding: var(--wp-var1, 10px)', 1162 1172 'expected' => 'padding: var(--wp-var1, 10px)', 1163 1173 ), 1174 // Allow var() with fallback (percentage). 1175 array( 1176 'css' => 'padding: var(--wp-var1, 50%)', 1177 'expected' => 'padding: var(--wp-var1, 50%)', 1178 ), 1164 1179 // Allow var() with fallback var(). 1165 1180 array( 1166 1181 'css' => 'background-color: var(--wp-var, var(--wp-var-fallback, pink))', 1167 1182 'expected' => 'background-color: var(--wp-var, var(--wp-var-fallback, pink))', 1168 1183 ), 1184 // Allow var() with square brackets. 1185 array( 1186 'css' => 'background-color: var(--wp-var, [pink])', 1187 'expected' => 'background-color: var(--wp-var, [pink])', 1188 ), 1169 1189 // Allow calc() with var(). 1170 1190 array( 1171 1191 'css' => 'margin-top: calc(var(--wp-var1) * 3 + 2em)', 1172 1192 'expected' => 'margin-top: calc(var(--wp-var1) * 3 + 2em)', 1173 1193 ), 1194 // Malformed var() with fallback. 1195 array( 1196 'css' => 'padding: var(--wp-var1, 50$)', 1197 'expected' => '', 1198 ), 1174 1199 // Malformed min, no closing `)`. 1175 1200 array( 1176 1201 'css' => 'width: min(3em + 10px',