Update escaping for Featured Item product image

This commit is contained in:
Daniel W. Robert 2023-09-26 10:12:29 -04:00 committed by Luigi
parent 56a037a8c8
commit e3ccb230d1
1 changed files with 3 additions and 2 deletions

View File

@ -202,6 +202,7 @@ abstract class FeaturedItem extends AbstractDynamicBlock {
*/
private function render_image( $attributes, $item, string $image_url ) {
$style = sprintf( 'object-fit: %s;', esc_attr( $attributes['imageFit'] ) );
$img_alt = $attributes['alt'] ?: $this->get_item_title( $item );
if ( $this->hasFocalPoint( $attributes ) ) {
$style .= sprintf(
@ -214,7 +215,7 @@ abstract class FeaturedItem extends AbstractDynamicBlock {
if ( ! empty( $image_url ) ) {
return sprintf(
'<img alt="%1$s" class="wc-block-%2$s__background-image" src="%3$s" style="%4$s" />',
wp_kses_post( $attributes['alt'] ?: $this->get_item_title( $item ) ),
esc_attr( $img_alt ),
$this->block_name,
esc_url( $image_url ),
esc_attr( $style )