WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
02/12/2026 04:18:09 AM (6 weeks ago)
Author:
ramonopoly
Message:

WP_Theme_JSON: preserve valid non-preset settings for lightbox when KSES filters are active

Extends VALID_SETTINGS entries to also do type validation (as well as schema key validation) for the lightbox settings only.

Previously, when KSES filters were active (via add_action( 'init', 'kses_init_filters' )), valid non-preset settings in Global Styles were being incorrectly filtered out. For example, lightbox.enabled and lightbox.allowEditing for Image blocks.

The idea is that VALID_SETTINGS values can act as type validation for further valid settings.

Props ramonopoly, mmtr86, oandregal, wildworks, westonruter, andrewserong.

Fixes #64280.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/tests/theme/wpThemeJson.php

    r61607 r61618  
    69066906        $this->assertSame( $expected, $theme_json->get_stylesheet( array( 'styles' ), null, array( 'skip_root_layout_styles' => true ) ) );
    69076907    }
     6908
     6909    /**
     6910     * @covers WP_Theme_JSON::sanitize
     6911     * @covers WP_Theme_JSON::remove_keys_not_in_schema
     6912     *
     6913     * @ticket 64280
     6914     */
     6915    public function test_sanitize_preserves_boolean_values_when_schema_expects_boolean() {
     6916        $theme_json = new WP_Theme_JSON(
     6917            array(
     6918                'version'  => WP_Theme_JSON::LATEST_SCHEMA,
     6919                'settings' => array(
     6920                    'lightbox' => array(
     6921                        'enabled'      => true,
     6922                        'allowEditing' => false,
     6923                    ),
     6924                ),
     6925            )
     6926        );
     6927
     6928        $settings = $theme_json->get_settings();
     6929        $this->assertTrue( $settings['lightbox']['enabled'], 'Enabled should be true' );
     6930        $this->assertFalse( $settings['lightbox']['allowEditing'], 'Allow editing should be false' );
     6931    }
     6932
     6933    /**
     6934     * @covers WP_Theme_JSON::sanitize
     6935     * @covers WP_Theme_JSON::remove_keys_not_in_schema
     6936     *
     6937     * @ticket 64280
     6938     */
     6939    public function test_sanitize_removes_non_boolean_values_when_schema_expects_boolean() {
     6940        $theme_json = new WP_Theme_JSON(
     6941            array(
     6942                'version'  => WP_Theme_JSON::LATEST_SCHEMA,
     6943                'settings' => array(
     6944                    'lightbox' => array(
     6945                        'enabled'      => 'not-a-boolean',
     6946                        'allowEditing' => 123,
     6947                    ),
     6948                ),
     6949            )
     6950        );
     6951
     6952        $settings = $theme_json->get_settings();
     6953        $this->assertArrayNotHasKey( 'enabled', $settings['lightbox'] ?? array(), 'Enabled should be removed' );
     6954        $this->assertArrayNotHasKey( 'allowEditing', $settings['lightbox'] ?? array(), 'Allow editing should be removed' );
     6955    }
     6956
     6957    /**
     6958     * @covers WP_Theme_JSON::sanitize
     6959     * @covers WP_Theme_JSON::remove_keys_not_in_schema
     6960     *
     6961     * @ticket 64280
     6962     */
     6963    public function test_sanitize_preserves_boolean_values_in_block_settings() {
     6964        $theme_json = new WP_Theme_JSON(
     6965            array(
     6966                'version'  => WP_Theme_JSON::LATEST_SCHEMA,
     6967                'settings' => array(
     6968                    'blocks' => array(
     6969                        'core/image' => array(
     6970                            'lightbox' => array(
     6971                                'enabled'      => true,
     6972                                'allowEditing' => false,
     6973                            ),
     6974                        ),
     6975                    ),
     6976                ),
     6977            )
     6978        );
     6979
     6980        $settings = $theme_json->get_settings();
     6981        $this->assertTrue( $settings['blocks']['core/image']['lightbox']['enabled'], 'Enabled should be true' );
     6982        $this->assertFalse( $settings['blocks']['core/image']['lightbox']['allowEditing'], 'Allow editing should be false' );
     6983    }
     6984
     6985    /**
     6986     * @covers WP_Theme_JSON::sanitize
     6987     * @covers WP_Theme_JSON::remove_keys_not_in_schema
     6988     *
     6989     * @ticket 64280
     6990     */
     6991    public function test_sanitize_removes_non_boolean_values_in_block_settings() {
     6992        $theme_json = new WP_Theme_JSON(
     6993            array(
     6994                'version'  => WP_Theme_JSON::LATEST_SCHEMA,
     6995                'settings' => array(
     6996                    'blocks' => array(
     6997                        'core/image' => array(
     6998                            'lightbox' => array(
     6999                                'enabled'      => 'string-value',
     7000                                'allowEditing' => array( 'not', 'a', 'boolean' ),
     7001                            ),
     7002                        ),
     7003                    ),
     7004                ),
     7005            )
     7006        );
     7007
     7008        $settings = $theme_json->get_settings();
     7009        $lightbox = $settings['blocks']['core/image']['lightbox'] ?? array();
     7010        $this->assertArrayNotHasKey( 'enabled', $lightbox, 'Enabled should be removed' );
     7011        $this->assertArrayNotHasKey( 'allowEditing', $lightbox, 'Allow editing should be removed' );
     7012    }
     7013
     7014    /**
     7015     * @covers WP_Theme_JSON::sanitize
     7016     * @covers WP_Theme_JSON::remove_keys_not_in_schema
     7017     *
     7018     * @ticket 64280
     7019     */
     7020    public function test_sanitize_preserves_null_schema_behavior() {
     7021        // Test that settings with null in schema (no type validation) still accept any type.
     7022        $theme_json = new WP_Theme_JSON(
     7023            array(
     7024                'version'  => WP_Theme_JSON::LATEST_SCHEMA,
     7025                'settings' => array(
     7026                    'appearanceTools' => 'string-value', // null in schema, should accept any type.
     7027                    'custom'          => array( 'nested' => 'value' ), // null in schema, should accept any type.
     7028                ),
     7029            )
     7030        );
     7031
     7032        $settings = $theme_json->get_settings();
     7033        $this->assertSame( 'string-value', $settings['appearanceTools'], 'Appearance tools should be string value' );
     7034        $this->assertSame( array( 'nested' => 'value' ), $settings['custom'], 'Custom should be array value' );
     7035    }
    69087036}
Note: See TracChangeset for help on using the changeset viewer.