From 52447fb6a98891f54e0f977a060d0189163c022f Mon Sep 17 00:00:00 2001
From: Karthik Bhat
Date: Sun, 3 May 2020 23:01:47 +0530
Subject: [PATCH] Escape paging_nav
---
 library/frontend/main-structure.php | 30 +++++++++++++++++++++++++++--
 src/build.sh | 4 ++--
 2 files changed, 30 insertions(+), 4 deletions(-)
diff --git a/library/frontend/main-structure.php b/library/frontend/main-structure.php
index 8bc31da..dde849d 100644
--- a/library/frontend/main-structure.php
+++ b/library/frontend/main-structure.php
@@ -662,7 +662,6 @@ function greenlet_paging_nav( $query = null ) {
 }
 $current_page = max( 1, $paged );
- // Not sure. Maybe get $paged from $_POST['current'].
 if ( 'number' === $format || 'ajax' === $format ) {
@@ -699,7 +698,34 @@ function greenlet_paging_nav( $query = null ) {
 $op .= '';
 $op .= "\n";
- echo apply_filters( 'greenlet_paging_nav', $op, $pages, $pag_attr ); // phpcs:ignore
+ $pagination_tags = array(
+ 'ul' => array(
+ 'class' => true,
+ 'id' => true,
+ ),
+ 'li' => array(
+ 'class' => true,
+ 'id' => true,
+ ),
+ 'a' => array(
+ 'class' => true,
+ 'id' => true,
+ 'href' => true,
+ 'data-next' => true,
+ ),
+ 'span' => array(
+ 'class' => true,
+ 'id' => true,
+ ),
+ 'input' => array(
+ 'class' => true,
+ 'id' => true,
+ 'type' => true,
+ 'value' => true,
+ ),
+ );
+
+ echo wp_kses( apply_filters( 'greenlet_paging_nav', $op, $pages, $pag_attr ), $pagination_tags );
 }
 /**
diff --git a/src/build.sh b/src/build.sh
index b81a999..1a8ebef 100755
--- a/src/build.sh
+++ b/src/build.sh
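Review bot: The `$pagination_tags` allowlist in the second hunk is applied to the result of the `greenlet_paging_nav` filter, so any tag or attribute it does not list is silently dropped, both from the theme's own `$op` markup and from whatever a filter callback returns. `$op` is assembled above the hunk, so it is worth confirming that the wrapper element and every attribute used there (for example `aria-*`, `rel`, `name`, or `data-*` attributes other than `data-next`) are covered; as written only `ul`, `li`, `a`, `span` and `input` survive. `wp_kses()` on the finished string complements, but does not replace, `esc_url()`/`esc_attr()` at the points where values are interpolated into `$op`, which this hunk does not show. I would add a comment above the array such as `// Allowlist for pagination markup; extend it whenever the markup built above or the filter's documented output changes.` and note the sanitisation in the filter's documentation.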
@@ -79,8 +79,8 @@ elif [ "$1" == "--final" ]; then
 buildfonts
 removePOBackups
 printf "${BGREEN}STEP 3: BUNDLING${NC}\n"
- rsync -avP --exclude '*.git*' --exclude '*node_modules*' --exclude '*package*' --exclude '*tests*' --exclude '*.DS_Store*' --exclude '*src/build*' --exclude '*src/.env' \
- --exclude 'library/pro*' --exclude 'pro*' --exclude 'todo.txt' --exclude '*.map' ./* --delete ~/Desktop/greenlet
+ rsync -avP --exclude '*.git*' --exclude '*node_modules*' --exclude '*package*' --exclude '*tests*' --exclude '*.DS_Store*' --exclude '*src/build*' --exclude '*src/update-version' \
+ --exclude '*src/.env' --exclude 'library/pro*' --exclude 'pro*' --exclude 'todo.txt' --exclude '*.map' ./* --delete ~/Desktop/greenlet
 current=$(pwd)
 cd ~/Desktop
 zip -r greenlet.zip greenlet
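Review bot: The new `--exclude '*src/update-version'` only stops future copies; with plain `--delete`, rsync protects excluded paths on the receiving side, so a `src/update-version` left in `~/Desktop/greenlet` by an earlier build stays there and is picked up by the `zip -r` line below. Adding `--delete-excluded` next to `--delete`, or bundling into a freshly created directory, makes the exclude list authoritative for what ships. `zip -r greenlet.zip greenlet` likewise updates an existing archive rather than replacing it, so unless the script removes the old zip outside this hunk, stale entries can survive there too. The `--final` branch starts and ends outside the hunk.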