WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
06/10/2020 06:18:25 PM (5 years ago)
Author:
desrosj
Message:

General: Backport several commits for release.

  • Embeds: Ensure that the title attribute is set correctly on embeds.
  • Editor: Prevent HTML decoding on by setting the proper editor context.
  • Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
  • Themes: Ensure a broken theme name is returned properly.
  • Administration: Add a new filter to extend set-screen-option.

Merges [47947-47951] to the 5.1 branch.
Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.

Location:
branches/5.1
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • branches/5.1

  • branches/5.1/src/wp-includes/embed.php

    r44928 r47963  
    780780    return $node->asXML();
    781781}
     782
     783/**
     784 * Filters the given oEmbed HTML to make sure iframes have a title attribute.
     785 *
     786 * @since 5.2.0
     787 *
     788 * @param string $result The oEmbed HTML result.
     789 * @param object $data   A data object result from an oEmbed provider.
     790 * @param string $url    The URL of the content to be embedded.
     791 * @return string The filtered oEmbed result.
     792 */
     793function wp_filter_oembed_iframe_title_attribute( $result, $data, $url ) {
     794    if ( false === $result || ! in_array( $data->type, array( 'rich', 'video' ), true ) ) {
     795        return $result;
     796    }
     797
     798    $title = ! empty( $data->title ) ? $data->title : '';
     799
     800    $pattern = '`<iframe([^>]*)>`i';
     801    if ( preg_match( $pattern, $result, $matches ) ) {
     802        $attrs = wp_kses_hair( $matches[1], wp_allowed_protocols() );
     803
     804        foreach ( $attrs as $attr => $item ) {
     805            $lower_attr = strtolower( $attr );
     806            if ( $lower_attr === $attr ) {
     807                continue;
     808            }
     809            if ( ! isset( $attrs[ $lower_attr ] ) ) {
     810                $attrs[ $lower_attr ] = $item;
     811                unset( $attrs[ $attr ] );
     812            }
     813        }
     814    }
     815
     816    if ( ! empty( $attrs['title']['value'] ) ) {
     817        $title = $attrs['title']['value'];
     818    }
     819
     820    /**
     821     * Filters the title attribute of the given oEmbed HTML iframe.
     822     *
     823     * @since 5.2.0
     824     *
     825     * @param string $title  The title attribute.
     826     * @param string $result The oEmbed HTML result.
     827     * @param object $data   A data object result from an oEmbed provider.
     828     * @param string $url    The URL of the content to be embedded.
     829     */
     830    $title = apply_filters( 'oembed_iframe_title_attribute', $title, $result, $data, $url );
     831
     832    if ( '' === $title ) {
     833        return $result;
     834    }
     835
     836    if ( isset( $attrs['title'] ) ) {
     837        unset( $attrs['title'] );
     838        $attr_string = join( ' ', wp_list_pluck( $attrs, 'whole' ) );
     839        $result      = str_replace( $matches[0], '<iframe ' . trim( $attr_string ) . '>', $result );
     840    }
     841    return str_ireplace( '<iframe ', sprintf( '<iframe title="%s" ', esc_attr( $title ) ), $result );
     842}
     843
    782844
    783845/**
Note: See TracChangeset for help on using the changeset viewer.