fix: add a filter to wp_kses_allowed_html

2022-05-23 18:45:58 -03:00 · 2022-05-23 18:45:58 -03:00 · 528ca70da6
parent 9b946e5ef8
commit 528ca70da6
3 changed files with 42 additions and 18 deletions
--- a/src/classes/entities/class-tainacan-item.php
+++ b/src/classes/entities/class-tainacan-item.php
@ -771,8 +771,8 @@ class Item extends Entity {
 			}

 		}
-
-		return apply_filters("tainacan-item-get-document-as-html", wp_kses_post($output), $img_size, $this);
+		$allowed_html = wp_kses_allowed_html('tainacan_post');
+		return apply_filters("tainacan-item-get-document-as-html", wp_kses($output, $allowed_html), $img_size, $this);

 	}

@ -806,8 +806,8 @@ class Item extends Entity {
 				$output .= $embed;
 			}
 		}
-	
-		return wp_kses_post($output);
+		$allowed_html = wp_kses_allowed_html('tainacan_post');
+		return wp_kses($output, $allowed_html);

 	}

--- a/src/classes/theme-helper/template-tags.php
+++ b/src/classes/theme-helper/template-tags.php
@ -3,6 +3,13 @@
 use \Tainacan\Entities;
 use \Tainacan\Repositories;

+function tainacan_get_default_allowed_styles ( $styles ) {
+	$styles[] = 'display';
+	$styles[] = 'position';
+	$styles[] = 'visibility';
+	return $styles;
+}
+
 /**
 * To be used inside The Loop
 *
@ -332,6 +339,8 @@ function tainacan_get_the_media_component(
 	$args['media_main_id'] = $media_id . '-main';
 	$args['media_thumbs_id'] = $media_id . '-thumbs';
 	$args['media_id'] = $media_id;
+	$allowed_html = wp_kses_allowed_html('tainacan_post');
+	add_filter( 'safe_style_css', 'tainacan_get_default_allowed_styles');

 	if ( $args['has_media_main'] || $args['has_media_thumbs'] ) :
 		// Modal lightbox layer for rendering photoswipe
@ -363,7 +372,9 @@ function tainacan_get_the_media_component(
 					<ul class="swiper-wrapper <?php echo esc_attr($args['class_main_ul']) ?>">
 						<?php foreach($media_items_main as $media_item) { ?>
 							<li class="swiper-slide <?php echo esc_attr($args['class_main_li']) ?>">
-								<?php echo wp_kses_post($media_item) ?>
+								<?php 
+									echo wp_kses($media_item, $allowed_html);
+								 ?>
 							</li>
 						<?php }; ?>
 					</ul>
@ -394,7 +405,7 @@ function tainacan_get_the_media_component(
 					<ul class="swiper-wrapper <?php echo esc_attr($args['class_thumbs_ul']) ?>">
 						<?php foreach($media_items_thumbs as $media_item) { ?>
 							<li class="swiper-slide <?php echo esc_attr($args['class_thumbs_li']) ?>">
-								<?php echo wp_kses_post($media_item) ?>
+								<?php echo wp_kses($media_item, $allowed_html); ?>
 							</li>
 						<?php }; ?>
 					</ul>
@ -420,8 +431,10 @@ function tainacan_get_the_media_component(

 		</div>

-	<?php endif; ?> <!-- End of if ($args['has_media_main'] || $args['has_media_thumbs'] ) -->
-	
+	<?php
+	endif;
+	remove_filter( 'safe_style_css', 'tainacan_get_default_allowed_styles');
+	?> <!-- End of if ($args['has_media_main'] || $args['has_media_thumbs'] ) -->
 <?php
 }

@ -464,14 +477,7 @@ function tainacan_get_the_media_component_slide( $args = array() ) {
 		'media_type' => ''
 	), $args);

-	$allowed_html = wp_kses_allowed_html('post');
-	$allowed_html['iframe'] = array(
-		'src'             => true,
-		'height'          => true,
-		'width'           => true,
-		'frameborder'     => true,
-		'allowfullscreen' => true,
-	);
+	$allowed_html =  wp_kses_allowed_html('tainacan_post');
 	ob_start();

 ?>
--- a/src/tainacan.php
+++ b/src/tainacan.php
@ -123,3 +123,21 @@ function tainacan_add_admin_bar_items ( WP_Admin_Bar $admin_bar ) {
 	}
 }
 add_action( 'admin_bar_menu', 'tainacan_add_admin_bar_items', 500 );
+
+
+add_filter('wp_kses_allowed_html', function($allowedposttags, $context) {
+	if($context == 'tainacan_post') {
+		$post_allowed_html = wp_kses_allowed_html('post');
+		return  array_merge(
+			$post_allowed_html, 
+			['iframe' => array(
+				'src'             => true,
+				'height'          => true,
+				'width'           => true,
+				'frameborder'     => true,
+				'allowfullscreen' => true,
+			)]
+		);
+	}
+	return $allowedposttags;
+}, 10, 2);