Theme Customizer: Properly escape customize settings when sending values to JS. Add WP_Customize_Setting->js_value(). fixes #20687, see #19910.
git-svn-id: https://develop.svn.wordpress.org/trunk@20809 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
c992db3d22
commit
621e3c1fc6
|
@ -230,6 +230,22 @@ class WP_Customize_Setting {
|
||||||
return $this->multidimensional_get( $values, $this->id_data[ 'keys' ], $this->default );
|
return $this->multidimensional_get( $values, $this->id_data[ 'keys' ], $this->default );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Escape the parameter's value for use in JavaScript.
|
||||||
|
*
|
||||||
|
* @since 3.4.0
|
||||||
|
*
|
||||||
|
* @return mixed The requested escaped value.
|
||||||
|
*/
|
||||||
|
public function js_value() {
|
||||||
|
$value = $this->value();
|
||||||
|
|
||||||
|
if ( is_string( $value ) )
|
||||||
|
return html_entity_decode( $value, ENT_QUOTES, 'UTF-8');
|
||||||
|
|
||||||
|
return $value;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if the theme supports the setting and check user capabilities.
|
* Check if the theme supports the setting and check user capabilities.
|
||||||
*
|
*
|
||||||
|
|
|
@ -213,7 +213,7 @@ final class WP_Customize {
|
||||||
);
|
);
|
||||||
|
|
||||||
foreach ( $this->settings as $id => $setting ) {
|
foreach ( $this->settings as $id => $setting ) {
|
||||||
$settings['values'][ $id ] = $setting->value();
|
$settings['values'][ $id ] = $setting->js_value();
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -108,7 +108,7 @@ do_action( 'customize_controls_print_scripts' );
|
||||||
|
|
||||||
foreach ( $this->settings as $id => $setting ) {
|
foreach ( $this->settings as $id => $setting ) {
|
||||||
$settings['settings'][ $id ] = array(
|
$settings['settings'][ $id ] = array(
|
||||||
'value' => $setting->value(),
|
'value' => $setting->js_value(),
|
||||||
'transport' => $setting->transport,
|
'transport' => $setting->transport,
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue