Commit Graph

21 Commits

Author SHA1 Message Date
whyisjake
20740afc8f Prevent stored XSS in the block editor.
Brings r46896 to the 5.3 branch.

Prevent escaped unicode characters become unescaped in unsafe HTML during JSON decoding.


Built from https://develop.svn.wordpress.org/branches/5.3@46900


git-svn-id: http://core.svn.wordpress.org/branches/5.3@46700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-12 18:14:06 +00:00
John Blackbourn
e36d1bcbd8 Docs: Docblock corrections and improvements, mostly related to various pre_* filters.
See #47110

Built from https://develop.svn.wordpress.org/trunk@46232


git-svn-id: http://core.svn.wordpress.org/trunk@46044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 17:41:57 +00:00
jorgefilipecosta
b7fbf7d373 Block Editor: Backport block styles server functions from block editor.
This commit backports the block styles functionality added to the block editor in https://github.com/WordPress/gutenberg/pull/16356.

Props: youknowriad, aduth, swissspidy.
Fixes #48039.
Built from https://develop.svn.wordpress.org/trunk@46111


git-svn-id: http://core.svn.wordpress.org/trunk@45923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-14 18:21:54 +00:00
Sergey Biryukov
68fd25ff1a Docs: Remove unused @global reference in do_blocks() DocBlock.
Props avinapatel.
Fixes #47055.
Built from https://develop.svn.wordpress.org/trunk@45393


git-svn-id: http://core.svn.wordpress.org/trunk@45204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-24 01:05:52 +00:00
desrosj
3d84726ae8 Editor: Correct since annotation for the excerpt_allowed_blocks filter.
Props mukesh27, rabmalin.
Fixes #47079.
Built from https://develop.svn.wordpress.org/trunk@45284


git-svn-id: http://core.svn.wordpress.org/trunk@45093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-03 16:54:52 +00:00
Andrew Ozz
655c21bbea Fix parsing of inner blocks when auto-generating an excerpt. Helps to prevent cases where dynamic inner blocks may cause an infinite loop if trying to auto-generate an excerpt.
Props desrosj, pento, gziolo, azaozz.
Fixes #46133.
Built from https://develop.svn.wordpress.org/trunk@45265


git-svn-id: http://core.svn.wordpress.org/trunk@45074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-24 21:39:53 +00:00
John Blackbourn
17bdafca77 General: Fix a typo in the docs for _restore_wpautop_hook().
Props manzoorwani.jk

Fixes #46864

Built from https://develop.svn.wordpress.org/trunk@45159


git-svn-id: http://core.svn.wordpress.org/trunk@44968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-11 17:27:52 +00:00
Gary Pendergast
affceae936 Blocks: Allow for nested the_content calls within do_blocks().
When `do_blocks()` is run, it sets up some special handling of the `wpautop` filter, as we don't want `wpautop` to run on block content, but we do want it to be available for subsequent runs of `the_content`, which may be happening on non-block content.

As we set this up before rendering dynamic blocks, however, a dynamic block choosing to run `the_content` will cause unintentially structural deficiences in this particular recursive block tower.

Moving this handling to after dynamic blocks are rendered makes our tower lean a little less.

Props aldavigdis, pento.
Fixes #45495.


Built from https://develop.svn.wordpress.org/trunk@45139


git-svn-id: http://core.svn.wordpress.org/trunk@44948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-08 06:54:54 +00:00
Gary Pendergast
0bbfe3b8e2 Blocks: Add a $source_block parameter to the render_block_data filter.
This contains a copy of the block, unmodified by other filter functions, so that plugins have a clean reference to work from, if they need.

Props dmsnell.
Fixes #45451.


Built from https://develop.svn.wordpress.org/trunk@44576


git-svn-id: http://core.svn.wordpress.org/trunk@44407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-14 01:47:51 +00:00
Gary Pendergast
203d686ec9 Blocks: Reverse the logic when checking the pre_render_block result.
We should be returning if the result isn't null, not when it is.

See #45451.


Built from https://develop.svn.wordpress.org/trunk@44555


git-svn-id: http://core.svn.wordpress.org/trunk@44386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-10 23:31:50 +00:00
Gary Pendergast
8e2f6a9923 Blocks: Add the pre_render_block and render_block_data filters.
At the start of `render_block()`, the `pre_render_block` filter allows the function to be short-circuited, and the `render_block_data` filter is applied to the `$block` parameter before it's processed.

Props kkarpieszuk, pento.
Fixes #45451.


Built from https://develop.svn.wordpress.org/trunk@44553


git-svn-id: http://core.svn.wordpress.org/trunk@44384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-10 23:16:50 +00:00
Dominik Schilling
0a66ea8149 Formatting: Remove unused global import for $wp_filter in _restore_wpautop_hook().
See #45290.
Built from https://develop.svn.wordpress.org/trunk@44431


git-svn-id: http://core.svn.wordpress.org/trunk@44262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-07 16:59:52 +00:00
desrosj
4b0f960b7c Block Editor: Fix PHP warning when loading editor styles while in RTL.
In RTL languages, WordPress adds `style-editor-rtl.css` editor styles to the global `$editor_styles`.
This patch ignores handling these styles if the file is not preset.

Also, clarify the docs for the return value of the `block_version` function.

Props mostafa.s1990, desrosj, mukesh27.

Merges [43923] and [43924] to trunk.

Fixes #45288, #45342.
Built from https://develop.svn.wordpress.org/trunk@44270


git-svn-id: http://core.svn.wordpress.org/trunk@44100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 18:07:51 +00:00
desrosj
9d7aa3436e Block Editor: Update @wordpress dependencies.
Changes of note:

- Includes the new Annotations API package.
- `wp-polyfill-ecmascript.js` is renamed to `wp-polyfill.js`.
- `strip_dynamic_blocks()` has been removed in favor of `excerpt_remove_blocks()`.
- The PHP block parser is now syncing from the `block-serialization-default-parser` package.
- `do_blocks()` uses the new parser.
- The `do_block` filter has been removed from `do_blocks()`, in favor of a `render_block` filter in `render_block()`.

Also, a little cleanup to `render_block()`. Always normalize `$block['attrs’]` to array in `’render_block’` filter.
Props pento, azaozz.

Merges [43884] and [43888] to trunk.

See #45145, #45190, #45264, #45282.
Built from https://develop.svn.wordpress.org/trunk@44261


git-svn-id: http://core.svn.wordpress.org/trunk@44091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 04:52:00 +00:00
Sergey Biryukov
659ca2bd1e Tests: Fix tests broken in PHP 5.x after [43879].
Props pento.
Merges [43883] to trunk.
See #45290.
Built from https://develop.svn.wordpress.org/trunk@44242


git-svn-id: http://core.svn.wordpress.org/trunk@44072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 03:19:38 +00:00
Jeremy Felt
7509965a56 Formatting: Ensure wpautop() isn't run on content generated from blocks.
As `do_blocks()` is run before `wpautop()` in the_content filter, we can remove in a Just In Time fashion, before that filter is run.

After `wpautop()`s original priority has passed, we can re-add it in a Just Too Late fashion, to ensure it's available if `the_content` filter is run multiple times on a page load.

Merges [43879] and [43881] from the 5.0 branch to trunk.

Props pento, nerrad.
Fixes #45290.

Built from https://develop.svn.wordpress.org/trunk@44226


git-svn-id: http://core.svn.wordpress.org/trunk@44056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 03:06:12 +00:00
Gary Pendergast
423c828330 REST API: Include block_version on Post content object.
The `block_version` denotes which version of Blocks the `post_content` contains. Introduces new `block_version()` function for versioning Blocks.

Merges [43770] from the 5.0 branch to trunk.

Props danielbachhuber, birgire.
Fixes #43887.

Built from https://develop.svn.wordpress.org/trunk@44127


git-svn-id: http://core.svn.wordpress.org/trunk@43957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 00:55:37 +00:00
desrosj
c2f3636e4a Blocks: Parse blocks when displaying posts.
Posts containing blocks are now correctly handled when displaying on the front end, including dynamic blocks and nested blocks.

Props pento.

Merges [43752] to trunk.

See #45109.
Built from https://develop.svn.wordpress.org/trunk@44118


git-svn-id: http://core.svn.wordpress.org/trunk@43948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 22:22:38 +00:00
desrosj
24f247267f Blocks: Introduce the block parser.
The `WP_Block_Parser` class, and the accompanying `parse_blocks()` helper function, can be used to parse an array of blocks out of a content string.

`WP_Block_Parser` is copied from the `@wordpress/block-serialization-default-parser` package. To ensure it stays in sync with the JavaScript parser, changes should be implemented in the package first, then the package version should be upgraded to include the changes.

Props pento.

Merges [43751] to trunk.

See #45109.
Built from https://develop.svn.wordpress.org/trunk@44116


git-svn-id: http://core.svn.wordpress.org/trunk@43946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 17:40:39 +00:00
Gary Pendergast
0f1544dabc Blocks: Introduce register_block_type(), unregister_block_type(), and get_dynamic_blocks() functions.
These helper functions allow easy access to the global block registry.

Merges [43743] from the 5.0 branch to trunk.

See #45109.

Built from https://develop.svn.wordpress.org/trunk@44109


git-svn-id: http://core.svn.wordpress.org/trunk@43939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 09:54:25 +00:00
Gary Pendergast
2d3f734847 Blocks: Introduce WP_Block_Type and WP_Block_Type_Registry classes.
These are the foundational classes allowing blocks to be registered and used throughout WordPress.

This commit also includes the `has_block()` and `has_blocks()` functions, which are required for unit testing these classes.

Merges [43742] from the 5.0 branch to trunk.

Props adamsilverstein, danielbachhuber, desrosj.
Fixes #45097.
See #45109.

Built from https://develop.svn.wordpress.org/trunk@44108


git-svn-id: http://core.svn.wordpress.org/trunk@43938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 09:44:23 +00:00