Use `wp_sidebar_description` for sidebar description in the REST API

[desrosj]

The wp_sidebar_description() function is for retrieving and sanitizing a sidebar description as passed to register_sidebar(). This allows a subset of markup to be allowed as dictated by wp_kses().

The REST API should return the description as generated by wp_sidebar_description() and not by accessing the $registered_sidebar global directly.

[TimothyBlynJacobs]

Patch looks great to me!

[desrosj]

In 51408:

Widgets: Use wp_sidebar_description() to retrieve a sidebar’s description.

This switches WP_REST_Sidebars_Controller to use wp_sidebar_description() for retrieving the description of a given sidebar instead of referencing the value in the $wp_registered_sidebars global variable directly.

wp_sidebar_description() uses wp_kses() to only allow the default list of $allowed_tags to be present in a sidebar’s description.

Props timothyblynjacobs, desrosj.
Fixes #53646.

[desrosj]

Reopening to backport [51408].

[desrosj]

Just a note for the future, I was tempted to simplify further and remove the entire isset() check in favor of wp_sidebar_description(). But because wp_sidebar_description() can return void if the sidebar $id is non-scalar, that can't be done currently.

[SergeyBiryukov]

[51408] looks good to backport.

[desrosj]

[51412] merged [51408] to the 5.8 branch, but Trac missed it. Closing out.