vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 22:30:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Editor: Ensure block comments are of a valid form.

Browse Source 
Ensures that the block delimiter comments are of a valid form: opening with `<!--` and closing with `-->`.

Props xknown, isabel_brison, peterwilsoncc.



git-svn-id: https://develop.svn.wordpress.org/trunk@55762 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Jb Audras
2023-05-16 14:21:35 +00:00
parent 1cbfa03510
commit b64aa36aa3
1 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/wp-includes/blocks.php
View File

@@ -800,6 +800,10 @@ function serialize_blocks( $blocks ) {
function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
$result = '';
if ( false !== strpos( $text, '<!--' ) && false !== strpos( $text, '--->' ) ) {
$text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );
}
$blocks = parse_blocks( $text );
foreach ( $blocks as $block ) {
$block = filter_block_kses( $block, $allowed_html, $allowed_protocols );
@@ -809,6 +813,19 @@ function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols
return $result;
}
/**
* Callback used for regular expression replacement in filter_block_content().
*
* @private
* @since 6.2.1
*
* @param array $matches Array of preg_replace_callback matches.
* @return string Replacement string.
*/
function _filter_block_content_callback( $matches ) {
return '<!--' . rtrim( $matches[1], '-' ) . '-->';
}
/**
* Filters and sanitizes a parsed block to remove non-allowable HTML
* from block attribute values.