From 3b65def3d9b1f3005fb5684bb369ccc6bcc9044b Mon Sep 17 00:00:00 2001 From: Andrew Serong <14988353+andrewserong@users.noreply.github.com> Date: Thu, 19 Jan 2023 15:11:57 +1100 Subject: [PATCH 1/3] Safe style css: Add position CSS properties to support position controls in blocks --- src/wp-includes/kses.php | 7 +++++++ tests/phpunit/tests/kses.php | 5 +++++ 2 files changed, 12 insertions(+) diff --git a/src/wp-includes/kses.php b/src/wp-includes/kses.php index 157be6be119f1..ae49f6b878ff0 100644 --- a/src/wp-includes/kses.php +++ b/src/wp-includes/kses.php @@ -2438,6 +2438,13 @@ function safecss_filter_attr( $css, $deprecated = '' ) { 'overflow', 'vertical-align', + 'position', + 'top', + 'right', + 'bottom', + 'left', + 'z-index', + // Custom CSS properties. '--*', ) diff --git a/tests/phpunit/tests/kses.php b/tests/phpunit/tests/kses.php index b31f477661d8c..97c2d893f653e 100644 --- a/tests/phpunit/tests/kses.php +++ b/tests/phpunit/tests/kses.php @@ -1278,6 +1278,11 @@ public function data_test_safecss_filter_attr() { 'css' => '--?><.%-not-allowed: red;', 'expected' => '', ), + // Position properties introduced in 6.2. + array( + 'css' => 'position: sticky;top: 0;left: 0;right: 0;bottom: 0;z-index: 10;', + 'expected' => 'position: sticky;top: 0;left: 0;right: 0;bottom: 0;z-index: 10', + ) ); } From 1b7ff5ab142459ea18a517093b5868f5c69d4465 Mon Sep 17 00:00:00 2001 From: Andrew Serong <14988353+andrewserong@users.noreply.github.com> Date: Thu, 19 Jan 2023 15:47:11 +1100 Subject: [PATCH 2/3] Add trailing comma --- tests/phpunit/tests/kses.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/phpunit/tests/kses.php b/tests/phpunit/tests/kses.php index 97c2d893f653e..32edc4df5618d 100644 --- a/tests/phpunit/tests/kses.php +++ b/tests/phpunit/tests/kses.php @@ -1282,7 +1282,7 @@ public function data_test_safecss_filter_attr() { array( 'css' => 'position: sticky;top: 0;left: 0;right: 0;bottom: 0;z-index: 10;', 'expected' => 'position: sticky;top: 0;left: 0;right: 0;bottom: 0;z-index: 10', - ) + ), ); } From 08ccde650e44c66f327ef91103b3887b5c407705 Mon Sep 17 00:00:00 2001 From: Andrew Serong <14988353+andrewserong@users.noreply.github.com> Date: Thu, 19 Jan 2023 16:46:47 +1100 Subject: [PATCH 3/3] Add line to comment --- src/wp-includes/kses.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/wp-includes/kses.php b/src/wp-includes/kses.php index ae49f6b878ff0..5766beb92fb29 100644 --- a/src/wp-includes/kses.php +++ b/src/wp-includes/kses.php @@ -2277,6 +2277,7 @@ function kses_init() { * nested `var()` values, and assigning values to CSS variables. * Added support for `object-fit`, `gap`, `column-gap`, `row-gap`, and `flex-wrap`. * Extended `margin-*` and `padding-*` support for logical properties. + * @since 6.2.0 Added support for `position`, `top`, `right`, `bottom`, `left` and `z-index` position CSS properties. * * @param string $css A string of CSS rules. * @param string $deprecated Not used.