[wp-trac] [WordPress Trac] #47281: Editor: KSES: Include Flex properties in CSS whitelist to support core Column block width
WordPress Trac
noreply at wordpress.org
Wed May 15 15:15:08 UTC 2019
#47281: Editor: KSES: Include Flex properties in CSS whitelist to support core
Column block width
-------------------------+-----------------------------
Reporter: aduth | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Editor | Version:
Severity: normal | Keywords: has-patch
Focuses: |
-------------------------+-----------------------------
Related: #46597 (r45242)
Related: https://github.com/WordPress/gutenberg/pull/15499
As of [https://make.wordpress.org/core/2019/05/15/whats-new-in-gutenberg-
15th-may/ Gutenberg 5.7], the Column block supports a `width` attribute
which is implemented by applying a `flex-basis` inline style to the
block's produced markup. This style attribute is not currently included in
the [https://core.trac.wordpress.org/browser/trunk/src/wp-
includes/kses.php?rev=45242#L2057 `safe_style_css` filtered array] and
thus would be removed by users not privileged with the
[https://codex.wordpress.org/Roles_and_Capabilities#unfiltered_html
`unfiltered_html` capability]
([https://github.com/WordPress/gutenberg/blob/f34057788ddac6b133a077bc56d8a3f7095f75da/lib/compat.php#L11-L26
filtered by Gutenberg]). As was done with #46597, the default filtered
array should be modified to include this new style attribute. **This is
only necessary if and when the Column enhancements arrive in trunk.**
It is an open question whether all (or common) flex attributes should be
whitelisted. In my initial patch, I will propose the inclusion of the
minimal set necessary for Column block support.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47281>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list