@wordpress/block-library 6.0.28 → 6.0.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/package.json +2 -2
  2. package/src/navigation/index.php +4 -4
  3. package/src/post-featured-image/index.php +1 -1
  4. package/src/rss/index.php +3 -3
  5. package/src/search/index.php +5 -5
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@wordpress/block-library",
3
- "version": "6.0.28",
3
+ "version": "6.0.29",
4
4
  "description": "Block library for the WordPress editor.",
5
5
  "author": "The WordPress Contributors",
6
6
  "license": "GPL-2.0-or-later",
@@ -72,5 +72,5 @@
72
72
  "publishConfig": {
73
73
  "access": "public"
74
74
  },
75
- "gitHead": "342ca4cdad4dd5a974db45232a48fe53f7eb28e0"
75
+ "gitHead": "e6f12e566122d1f2070847f181c88fb597dd031d"
76
76
  }
package/src/navigation/index.php CHANGED
@@ -549,13 +549,13 @@ function render_block_core_navigation( $attributes, $content, $block ) {
549
549
  </div>
550
550
  </div>
551
551
  </div>',
552
- $modal_unique_id,
552
+ esc_attr( $modal_unique_id ),
553
553
  $inner_blocks_html,
554
554
  __( 'Open menu' ), // Open button label.
555
555
  __( 'Close menu' ), // Close button label.
556
- implode( ' ', $responsive_container_classes ),
557
- implode( ' ', $open_button_classes ),
558
- $colors['overlay_inline_styles'],
556
+ esc_attr( implode( ' ', $responsive_container_classes ) ),
557
+ esc_attr( implode( ' ', $open_button_classes ) ),
558
+ esc_attr( safecss_filter_attr( $colors['overlay_inline_styles'] ) ),
559
559
  __( 'Menu' )
560
560
  );
561
561
 
package/src/post-featured-image/index.php CHANGED
@@ -43,7 +43,7 @@ function render_block_core_post_featured_image( $attributes, $content, $block )
43
43
  if ( ! empty( $attributes['scale'] ) ) {
44
44
  $image_styles .= "object-fit:{$attributes['scale']};";
45
45
  }
46
- $featured_image = str_replace( 'src=', "style='$image_styles' src=", $featured_image );
46
+ $featured_image = str_replace( '<img ', '<img style="' . esc_attr( safecss_filter_attr( $image_styles ) ) . '" ', $featured_image );
47
47
  }
48
48
 
49
49
  return "<figure $wrapper_attributes>$featured_image</figure>";
package/src/rss/index.php CHANGED
@@ -16,7 +16,7 @@ function render_block_core_rss( $attributes ) {
16
16
  $rss = fetch_feed( $attributes['feedURL'] );
17
17
 
18
18
  if ( is_wp_error( $rss ) ) {
19
- return '<div class="components-placeholder"><div class="notice notice-error"><strong>' . __( 'RSS Error:' ) . '</strong> ' . $rss->get_error_message() . '</div></div>';
19
+ return '<div class="components-placeholder"><div class="notice notice-error"><strong>' . __( 'RSS Error:' ) . '</strong> ' . esc_html( $rss->get_error_message() ) . '</div></div>';
20
20
  }
21
21
 
22
22
  if ( ! $rss->get_item_quantity() ) {
@@ -44,8 +44,8 @@ function render_block_core_rss( $attributes ) {
44
44
  if ( $date ) {
45
45
  $date = sprintf(
46
46
  '<time datetime="%1$s" class="wp-block-rss__item-publish-date">%2$s</time> ',
47
- date_i18n( get_option( 'c' ), $date ),
48
- date_i18n( get_option( 'date_format' ), $date )
47
+ esc_attr( date_i18n( get_option( 'c' ), $date ) ),
48
+ esc_attr( date_i18n( get_option( 'date_format' ), $date ) )
49
49
  );
50
50
  }
51
51
  }
package/src/search/index.php CHANGED
@@ -276,12 +276,12 @@ function styles_for_block_core_search( $attributes ) {
276
276
  // Add color styles.
277
277
  $has_text_color = ! empty( $attributes['style']['color']['text'] );
278
278
  if ( $has_text_color ) {
279
- $button_styles[] = sprintf( 'color: %s;', esc_attr( $attributes['style']['color']['text'] ) );
279
+ $button_styles[] = sprintf( 'color: %s;', $attributes['style']['color']['text'] );
280
280
  }
281
281
 
282
282
  $has_background_color = ! empty( $attributes['style']['color']['background'] );
283
283
  if ( $has_background_color ) {
284
- $button_styles[] = sprintf( 'background-color: %s;', esc_attr( $attributes['style']['color']['background'] ) );
284
+ $button_styles[] = sprintf( 'background-color: %s;', $attributes['style']['color']['background'] );
285
285
  }
286
286
 
287
287
  $has_custom_gradient = ! empty( $attributes['style']['color']['gradient'] );
@@ -290,9 +290,9 @@ function styles_for_block_core_search( $attributes ) {
290
290
  }
291
291
 
292
292
  return array(
293
- 'input' => ! empty( $input_styles ) ? sprintf( ' style="%s"', safecss_filter_attr( implode( ' ', $input_styles ) ) ) : '',
294
- 'button' => ! empty( $button_styles ) ? sprintf( ' style="%s"', safecss_filter_attr( implode( ' ', $button_styles ) ) ) : '',
295
- 'wrapper' => ! empty( $wrapper_styles ) ? sprintf( ' style="%s"', safecss_filter_attr( implode( ' ', $wrapper_styles ) ) ) : '',
293
+ 'input' => ! empty( $input_styles ) ? sprintf( ' style="%s"', esc_attr( safecss_filter_attr( implode( ' ', $input_styles ) ) ) ) : '',
294
+ 'button' => ! empty( $button_styles ) ? sprintf( ' style="%s"', esc_attr( safecss_filter_attr( implode( ' ', $button_styles ) ) ) ) : '',
295
+ 'wrapper' => ! empty( $wrapper_styles ) ? sprintf( ' style="%s"', esc_attr( safecss_filter_attr( implode( ' ', $wrapper_styles ) ) ) ) : '',
296
296
  );
297
297
  }
298
298