Make WordPress Core


Ignore:
Timestamp:
03/12/2022 12:27:25 AM (2 years ago)
Author:
davidbaumwald
Message:

Formatting: Use safecss_filter_attr in wp_get_layout_style().

Previously, safecss_filter_attr did not allow for calc and var in parsed CSS. Because of this, wp_strip_all_tags was used in wp_get_layout_style to allow for the use of these CSS functions to account for responsive widths. [50923] added support for both of these CSS functions in KSES, so safecss_filter_attr can now be used in wp_get_layout_style as originally intended.

Follow-up to [52069].

Props grapplerulrich.
Fixes #55356.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/block-supports/layout.php

    r52743 r52924  
    5555
    5656        // Make sure there is a single CSS rule, and all tags are stripped for security.
    57         // TODO: Use `safecss_filter_attr` instead - once https://core.trac.wordpress.org/ticket/46197 is patched.
    58         $all_max_width_value  = wp_strip_all_tags( explode( ';', $all_max_width_value )[0] );
    59         $wide_max_width_value = wp_strip_all_tags( explode( ';', $wide_max_width_value )[0] );
     57        $all_max_width_value  = safecss_filter_attr( explode( ';', $all_max_width_value )[0] );
     58        $wide_max_width_value = safecss_filter_attr( explode( ';', $wide_max_width_value )[0] );
    6059
    6160        $style = '';
Note: See TracChangeset for help on using the changeset viewer.