vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 14:20:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Widgets: Validate HTML before saving block widgets.

Browse Source 
Props talldanwp, noisysocks, kevin940726, peterwilsoncc.


git-svn-id: https://develop.svn.wordpress.org/trunk@51414 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Peter Wilson
2021-07-13 05:57:04 +00:00
parent 7447f866f7
commit 4d616c6665
2 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/wp-includes/widgets/class-wp-widget-block.php
View File

@@ -178,8 +178,13 @@ class WP_Widget_Block extends WP_Widget {
* @return array Settings to save or bool false to cancel saving.
*/
public function update( $new_instance, $old_instance ) {
$instance = array_merge( $this->default_instance, $old_instance );
$instance['content'] = $new_instance['content'];
$instance = array_merge( $this->default_instance, $old_instance );
if ( current_user_can( 'unfiltered_html' ) ) {
$instance['content'] = $new_instance['content'];
} else {
$instance['content'] = wp_kses_post( $new_instance['content'] );
}
return $instance;
}