Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-06-25 22:35:02 +02:00
Code Issues Projects Releases Wiki Activity

KSES: Add support for gradient backgrounds.

Browse Source 
Props jorgefilipecosta.
Fixes #48376.
Built from https://develop.svn.wordpress.org/trunk@46793


git-svn-id: http://core.svn.wordpress.org/trunk@46593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2019-11-28 00:29:02 +00:00
parent 0aef4faacd
commit 7acfab22b8
2 changed files with 23 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
wp-includes/kses.php
View File

@ -2073,6 +2073,7 @@ function safecss_filter_attr( $css, $deprecated = '' ) {
* @since 5.2.0 Added support for `background-position` and `grid-template-columns` * @since 5.2.0 Added support for `background-position` and `grid-template-columns`
* @since 5.3.0 Added support for `grid`, `flex` and `column` layout properties. * @since 5.3.0 Added support for `grid`, `flex` and `column` layout properties.
* Extend `background-*` support of individual properties. * Extend `background-*` support of individual properties.
* @since 5.3.1 Added support for gradient backgrounds.
* *
* @param string[] $attr Array of allowed CSS attributes. * @param string[] $attr Array of allowed CSS attributes.
*/ */
@ -2209,6 +2210,15 @@ function safecss_filter_attr( $css, $deprecated = '' ) {
'list-style-image', 'list-style-image',
); );
/*
* CSS attributes that accept gradient data types.
*
*/
$css_gradient_data_types = array(
'background',
'background-image',
);
if ( empty( $allowed_attr ) ) { if ( empty( $allowed_attr ) ) {
return $css; return $css;
} }
@ -2223,6 +2233,7 @@ function safecss_filter_attr( $css, $deprecated = '' ) {
$css_test_string = $css_item; $css_test_string = $css_item;
$found = false; $found = false;
$url_attr = false; $url_attr = false;
$gradient_attr = false;
if ( strpos( $css_item, ':' ) === false ) { if ( strpos( $css_item, ':' ) === false ) {
$found = true; $found = true;
@ -2231,8 +2242,9 @@ function safecss_filter_attr( $css, $deprecated = '' ) {
$css_selector = trim( $parts[0] ); $css_selector = trim( $parts[0] );
if ( in_array( $css_selector, $allowed_attr, true ) ) { if ( in_array( $css_selector, $allowed_attr, true ) ) {
$found = true; $found = true;
$url_attr = in_array( $css_selector, $css_url_data_types, true ); $url_attr = in_array( $css_selector, $css_url_data_types, true );
$gradient_attr = in_array( $css_selector, $css_gradient_data_types, true );
} }
} }
@ -2261,6 +2273,14 @@ function safecss_filter_attr( $css, $deprecated = '' ) {
} }
} }
if ( $found && $gradient_attr ) {
$css_value = trim( $parts[1] );
if ( preg_match( '/^(repeating-)?(linear|radial|conic)-gradient\(([^()]|rgb[a]?\([^()]*\))*\)$/', $css_value ) ) {
// Remove the whole `gradient` bit that was matched above from the CSS.
$css_test_string = str_replace( $css_value, '', $css_test_string );
}
}
// Remove any CSS containing containing \ ( & } = or comments, except for url() useage checked above. // Remove any CSS containing containing \ ( & } = or comments, except for url() useage checked above.
if ( $found && ! preg_match( '%[\\\(&=}]|/\*%', $css_test_string ) ) { if ( $found && ! preg_match( '%[\\\(&=}]|/\*%', $css_test_string ) ) {
if ( $css != '' ) { if ( $css != '' ) {

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '5.4-alpha-46792'; $wp_version = '5.4-alpha-46793';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.