From d880e60f1133f17bd8b660a1eef7d781fb94b263 Mon Sep 17 00:00:00 2001
From: "Dominik Schilling (ocean90)" <ocean90@git.wordpress.org>
Date: Thu, 11 May 2017 19:22:17 +0000
Subject: [PATCH] KSES: Support `'tag' => true` as a shorthand for `'tag' =>
 array()` in `wp_kses_attr()`.

`Automatic_Upgrader_Skin::feedback()` had always assumed that this is already the case, now it is.

See #20017.
Fixes #40680.

git-svn-id: https://develop.svn.wordpress.org/trunk@40637 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/kses.php     |  3 ++-
 tests/phpunit/tests/kses.php | 30 ++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/src/wp-includes/kses.php b/src/wp-includes/kses.php
index b567e10cde..41dc7f2d94 100644
--- a/src/wp-includes/kses.php
+++ b/src/wp-includes/kses.php
@@ -828,8 +828,9 @@ function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) {
 		$xhtml_slash = ' /';
 
 	// Are any attributes allowed at all for this element?
-	if ( ! isset($allowed_html[strtolower($element)]) || count($allowed_html[strtolower($element)]) == 0 )
+	if ( ! isset( $allowed_html[ strtolower( $element ) ] ) || true === $allowed_html[ strtolower( $element ) ] || count( $allowed_html[ strtolower( $element ) ] ) == 0 ) {
 		return "<$element$xhtml_slash>";
+	}
 
 	// Split it
 	$attrarr = wp_kses_hair($attr, $allowed_protocols);
diff --git a/tests/phpunit/tests/kses.php b/tests/phpunit/tests/kses.php
index bc62c58c6c..96e2594cd4 100644
--- a/tests/phpunit/tests/kses.php
+++ b/tests/phpunit/tests/kses.php
@@ -678,4 +678,34 @@ EOF;
 
 		$this->assertEquals( $input, wp_kses( $input, $allowedposttags ) );
 	}
+
+	/**
+	 * @ticket 40680
+	 */
+	function test_wp_kses_attr_no_attributes_allowed_with_empty_array() {
+		$element = 'foo';
+		$attribute = 'title="foo" class="bar"';
+
+		$this->assertEquals( "<{$element}>", wp_kses_attr( $element, $attribute, array( 'foo' => array() ), array() ) );
+	}
+
+	/**
+	 * @ticket 40680
+	 */
+	function test_wp_kses_attr_no_attributes_allowed_with_true() {
+		$element = 'foo';
+		$attribute = 'title="foo" class="bar"';
+
+		$this->assertEquals( "<{$element}>", wp_kses_attr( $element, $attribute, array( 'foo' => true ), array() ) );
+	}
+
+	/**
+	 * @ticket 40680
+	 */
+	function test_wp_kses_attr_single_attribute_is_allowed() {
+		$element = 'foo';
+		$attribute = 'title="foo" class="bar"';
+
+		$this->assertEquals( "<{$element} title=\"foo\">", wp_kses_attr( $element, $attribute, array( 'foo' => array( 'title' => true ) ), array() ) );
+	}
 }