Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Post Author: Switch byline to use kses so that rich text elements are rendered correctly #40776

Merged
merged 1 commit into from
May 4, 2022
Merged

Post Author: Switch byline to use kses so that rich text elements are rendered correctly #40776

merged 1 commit into from
May 4, 2022

Conversation

andrewserong
Copy link
Contributor

What?

Fixes: #40600

Why?

Currently, the Byline field of the Post Author block renders HTML elements added via the rich text controls in the editor as the raw escaped HTML elements on the front end of a site (e.g. <strong>my byline</strong>).

For server-rendered blocks that render out rich text stored in an attribute, we need to use wp_kses_post instead of esc_html so that the rich text elements (e.g. <strong>, <em>, etc) are rendered correctly, while still ensuring that illegal elements (e.g. script) are stripped. This approach follows eariler PRs like: #38649

How?

In the Post Author block, swap esc_html for wp_kses_post.

Testing Instructions

  1. In the site editor, go to update the single template, and add a Post Author block and include a byline for the post author.
  2. Use the rich text controls to add bold or emphasised text.
  3. Prior to this PR, on the front end of the site, the raw characters of the HTML tags are output
  4. After this PR, the rich text elements should be rendered correctly

Screenshots or screencast

Before After
image image

@andrewserong andrewserong added [Type] Bug An existing feature does not function as intended [Block] Post Author Affects the Post Author Block labels May 3, 2022
@andrewserong andrewserong self-assigned this May 3, 2022
@andrewserong andrewserong requested a review from ajitbohra as a code owner May 3, 2022 07:05
@andrewserong andrewserong mentioned this pull request May 3, 2022
Closed
@andrewserong andrewserong added the Backport to WP 6.7 Beta/RC Pull request that needs to be backported to the WordPress major release that's currently in beta label May 3, 2022
@dsas
Copy link
Contributor

dsas commented May 3, 2022

Hey Andrew! This tests well for me and the PR makes sense 👍

glendaviesnz
glendaviesnz approved these changes May 4, 2022
View reviewed changes
Copy link
Contributor

@glendaviesnz glendaviesnz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works as advertised for me. I also checked with contributor role and all the formatting works as expected still in preview for them.

@andrewserong
Copy link
Contributor Author

Thanks for the reviews!

@andrewserong andrewserong merged commit cf358f7 into trunk May 4, 2022
@andrewserong andrewserong deleted the fix/post-author-block-rich-text-escaping branch May 4, 2022 03:59
@github-actions github-actions bot added this to the Gutenberg 13.2 milestone May 4, 2022
@andrewserong andrewserong mentioned this pull request May 4, 2022
Merged
@gziolo
Copy link
Member

gziolo commented May 6, 2022

I cherry-pick this PR for WordPress 6.0 RC2 release with 2949638.

@gziolo gziolo removed the Backport to WP 6.7 Beta/RC Pull request that needs to be backported to the WordPress major release that's currently in beta label May 6, 2022
gziolo pushed a commit that referenced this pull request May 6, 2022
@andrewserong @gziolo
Post Author: Switch byline to use kses instead of esc_html so that ri…
2949638 
…ch text elements are rendered correctly (#40776)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dsas dsas dsas approved these changes

@glendaviesnz glendaviesnz glendaviesnz approved these changes

@ajitbohra ajitbohra Awaiting requested review from ajitbohra ajitbohra is a code owner

Assignees

@andrewserong andrewserong

Labels
[Block] Post Author Affects the Post Author Block [Type] Bug An existing feature does not function as intended
Projects
None yet
Milestone
Gutenberg 13.2
Development

Successfully merging this pull request may close these issues.

Post author: Byline encourages HTML but it is sanitised
4 participants
@andrewserong @dsas @gziolo @glendaviesnz