WordPress.org

Make WordPress Core

Opened 3 weeks ago

Closed 12 days ago

Last modified 12 days ago

#48633 closed defect (bug) (invalid)

Twenty Twenty theme may be requires attached patch coding changes.

Reported by: chintan1896 Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Bundled Theme Keywords:
Focuses: Cc:
PR Number:

Description

I was passed out twenty twenty theme code and i was saw below code i think this code need to be change.

Attachments (1)

48633.diff (1.5 KB) - added by chintan1896 3 weeks ago.

Download all attachments as: .zip

Change History (8)

@chintan1896
3 weeks ago

#1 @SergeyBiryukov
3 weeks ago

  • Component changed from Themes to Bundled Theme

#2 @Otto42
3 weeks ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

@chintan1896 This code appears to already be correct to me. All you have done in your patch is to remove the additional classes from the post meta, and incorrectly eliminated the attribute escaping on the header.

#3 @chintan1896
13 days ago

@Otto42

Please check this variable scope in theme. We don't need use this variable because this variable has null throughout theme.

$post_meta_classes

I follow latest WordPress theme for coding standards but /wp-content/themes/twentytwenty/template-parts/entry-header.php in this file have two static variables one variable was escaped and one variable was not escaped.

<header class="entry-header has-text-align-center<?php echo esc_attr( $entry_header_classes ); ?>">

<div class="intro-text section-inner max-percentage<?php echo $intro_text_width; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- static output ?>">

#4 @chintan1896
12 days ago

  • Resolution invalid deleted
  • Status changed from closed to reopened

#5 @Otto42
12 days ago

  • Resolution set to invalid
  • Status changed from reopened to closed

Please do not reopen tickets without a valid reason. Thanks.

#6 follow-up: @Otto42
12 days ago

The $intro_text_width is correct in that it not meant to be filterable, it's "small" or "thin" and that's it, more or less. Thus, no need for escaping.

The $post_meta_classes (and the $post_meta_wrapper_classes) appear to have been intended to be filterable but the apply_filters calls are missing. This should be corrected in the next version of the theme. However, had they been filterable, then these escapes would be correct.

#7 in reply to: ↑ 6 @chintan1896
12 days ago

Hey @Otto42, thanks for your kind reply. Can i add patch with filter of $post_meta_classes?

Last edited 12 days ago by chintan1896 (previous) (diff)
Note: See TracTickets for help on using tickets.