WordPress.org

Make WordPress Core

Opened 2 months ago

Closed 2 months ago

Last modified 2 months ago

#48633 closed defect (bug) (invalid)

Twenty Twenty theme may be requires attached patch coding changes.

Reported by: chintan1896 Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Bundled Theme Keywords:
Focuses: Cc:
PR Number:

Description

I was passed out twenty twenty theme code and i was saw below code i think this code need to be change.

Attachments (1)

48633.diff (1.5 KB) - added by chintan1896 2 months ago.

Download all attachments as: .zip

Change History (8)

@chintan1896
2 months ago

#1 @SergeyBiryukov
2 months ago

  • Component changed from Themes to Bundled Theme

#2 @Otto42
2 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

@chintan1896 This code appears to already be correct to me. All you have done in your patch is to remove the additional classes from the post meta, and incorrectly eliminated the attribute escaping on the header.

#3 @chintan1896
2 months ago

@Otto42

Please check this variable scope in theme. We don't need use this variable because this variable has null throughout theme.

$post_meta_classes

I follow latest WordPress theme for coding standards but /wp-content/themes/twentytwenty/template-parts/entry-header.php in this file have two static variables one variable was escaped and one variable was not escaped.

<header class="entry-header has-text-align-center<?php echo esc_attr( $entry_header_classes ); ?>">

<div class="intro-text section-inner max-percentage<?php echo $intro_text_width; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- static output ?>">

#4 @chintan1896
2 months ago

  • Resolution invalid deleted
  • Status changed from closed to reopened

#5 @Otto42
2 months ago

  • Resolution set to invalid
  • Status changed from reopened to closed

Please do not reopen tickets without a valid reason. Thanks.

#6 follow-up: @Otto42
2 months ago

The $intro_text_width is correct in that it not meant to be filterable, it's "small" or "thin" and that's it, more or less. Thus, no need for escaping.

The $post_meta_classes (and the $post_meta_wrapper_classes) appear to have been intended to be filterable but the apply_filters calls are missing. This should be corrected in the next version of the theme. However, had they been filterable, then these escapes would be correct.

#7 in reply to: ↑ 6 @chintan1896
2 months ago

Hey @Otto42, thanks for your kind reply. Can i add patch with filter of $post_meta_classes?

Last edited 2 months ago by chintan1896 (previous) (diff)
Note: See TracTickets for help on using tickets.