[wp-trac] [WordPress Trac] #48955: WP 5.3.1 changes cause potential backwards compatibility breakage with kses
WordPress Trac
noreply at wordpress.org
Mon Dec 23 20:58:45 UTC 2019
#48955: WP 5.3.1 changes cause potential backwards compatibility breakage with kses
--------------------------+---------------------
Reporter: iCaleb | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 5.3.3
Component: Security | Version: 5.3.1
Severity: normal | Resolution:
Keywords: needs-patch | Focuses:
--------------------------+---------------------
Comment (by xkon):
Sorry for bumping in as I didn't know about this ticket and it took me way
longer to find out why Customizer was producing massive amounts of errors
for me today as an array was trying to pass from some custom options.
It seems that due to the mentioned hook `add_filter( 'pre_kses',
'wp_pre_kses_block_attributes', 10, 3 );` the `parse_blocks()` is running
everywhere throughout the admin. Is this expected behavior?
As an example:
1] I've added `an error_log( $content );` at `wp-includes\blocks.php:511`.
2] Went into my Appearance -> Themes
debug.log shows:
{{{
[23-Dec-2019 20:36:57 UTC] Twenty Twenty
[23-Dec-2019 20:36:57 UTC] the WordPress team
[23-Dec-2019 20:36:57 UTC] Our default theme for 2020 is designed to take
full advantage of the flexibility of the block editor. Organizations and
businesses have the ability to create dynamic landing pages with endless
layouts using the group and column blocks. The centered content column and
fine-tuned typography also makes it perfect for traditional blogs.
Complete editor styles give you a good idea of what your content will look
like, even before you publish. You can give your site a personal touch by
changing the background colors and the accent color in the Customizer. The
colors of all elements on your site are automatically calculated based on
the colors you pick, ensuring a high, accessible color contrast for your
visitors.
}}}
Same thing happens on Plugins page for each existing plugin so on so
forth.
---
Also note that if the filter is simply commented out, there are no errors
produced at all from any of the Arrays that options in the Customizer
might be returning.
Again sorry if this might be throwing the conversation off, but it hasn't
been making any sense to me for hours now the part of why having an output
everywhere from the admin area when there are no blocks involved at all
(at least as far as I know ).
--
Ticket URL: <https://core.trac.wordpress.org/ticket/48955#comment:22>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list