always escape output
This commit is contained in:
Matthias Pfefferle
parent
fe4e0961c8
commit
c93f02615d
4 changed files with 12 additions and 19 deletions
|
|
@ -214,17 +214,13 @@ class Shortcodes {
|
|||
|
||||
$atts = shortcode_atts(
|
||||
array(
|
||||
'type' => 'html',
|
||||
'type' => 'url',
|
||||
),
|
||||
$atts,
|
||||
$tag
|
||||
);
|
||||
|
||||
if ( 'raw' === $atts['type'] ) {
|
||||
return \get_permalink( $post->ID );
|
||||
}
|
||||
|
||||
if ( 'esc' === $atts['type'] ) {
|
||||
if ( 'url' === $atts['type'] ) {
|
||||
return \esc_url( \get_permalink( $post->ID ) );
|
||||
}
|
||||
|
||||
|
|
@ -249,17 +245,13 @@ class Shortcodes {
|
|||
|
||||
$atts = shortcode_atts(
|
||||
array(
|
||||
'type' => 'html',
|
||||
'type' => 'url',
|
||||
),
|
||||
$atts,
|
||||
$tag
|
||||
);
|
||||
|
||||
if ( 'raw' === $atts['type'] ) {
|
||||
return \wp_get_shortlink( $post->ID );
|
||||
}
|
||||
|
||||
if ( 'esc' === $atts['type'] ) {
|
||||
if ( 'url' === $atts['type'] ) {
|
||||
return \esc_url( \wp_get_shortlink( $post->ID ) );
|
||||
}
|
||||
|
||||
|
|
@ -306,7 +298,7 @@ class Shortcodes {
|
|||
return '';
|
||||
}
|
||||
|
||||
return $image;
|
||||
return \esc_url( $image );
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -387,7 +379,7 @@ class Shortcodes {
|
|||
return '';
|
||||
}
|
||||
|
||||
return $url;
|
||||
return \esc_url( $url );
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -400,7 +392,7 @@ class Shortcodes {
|
|||
* @return string
|
||||
*/
|
||||
public static function blogurl( $atts, $content, $tag ) {
|
||||
return \get_bloginfo( 'url' );
|
||||
return \esc_url( \get_bloginfo( 'url' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -306,8 +306,8 @@ class Post {
|
|||
$content = \str_replace( '%title%', '[ap_title]', $content );
|
||||
$content = \str_replace( '%excerpt%', '[ap_excerpt]', $content );
|
||||
$content = \str_replace( '%content%', '[ap_content]', $content );
|
||||
$content = \str_replace( '%permalink%', '[ap_permalink]', $content );
|
||||
$content = \str_replace( '%shortlink%', '[ap_shortlink]', $content );
|
||||
$content = \str_replace( '%permalink%', '[ap_permalink type="html"]', $content );
|
||||
$content = \str_replace( '%shortlink%', '[ap_shortlink type="html"]', $content );
|
||||
$content = \str_replace( '%hashtags%', '[ap_hashtags]', $content );
|
||||
$content = \str_replace( '%tags%', '[ap_hashtags]', $content );
|
||||
|
||||
|
|
|
|||
|
|
@ -91,6 +91,7 @@ Project maintained on GitHub at [pfefferle/wordpress-activitypub](https://github
|
|||
= v.next =
|
||||
|
||||
* Add configuration item for number of images to attach. props [@mexon](https://github.com/mexon)
|
||||
* Use shortcodes instead of custom templates, to setup the Activity Post-Content. props [@toolstack](https://github.com/toolstack)
|
||||
|
||||
= 0.15.0 =
|
||||
|
||||
|
|
|
|||
|
|
@ -64,9 +64,9 @@
|
|||
<li><code>[ap_title]</code> - <?php \esc_html_e( 'The post\'s title.', 'activitypub' ); ?></li>
|
||||
<li><code>[ap_content]</code> - <?php \esc_html_e( 'The post\'s content.', 'activitypub' ); ?></li>
|
||||
<li><code>[ap_excerpt <i>lenght=400</i>]</code> - <?php \esc_html_e( 'The post\'s excerpt (default 400 chars). length parameter is optional.', 'activitypub' ); ?></li>
|
||||
<li><code>[ap_permalink <i>type=xxx</i>]</code> - <?php \esc_html_e( 'The post\'s permalink. Type can be either: raw (the raw url, no escaping), esc (the html escaped url), html (default, an a tag to the url).', 'activitypub' ); ?></li>
|
||||
<li><code>[ap_permalink <i>type=url</i>]</code> - <?php \esc_html_e( 'The post\'s permalink. Type can be either: url (default, the escaped url), html (an a tag to the url).', 'activitypub' ); ?></li>
|
||||
<?php // translators: ?>
|
||||
<li><code>[ap_shortlink <i>type=xxx</i>]</code> - <?php echo \wp_kses( \__( 'The post\'s shortlink. I can recommend <a href="https://wordpress.org/plugins/hum/" target="_blank">Hum</a>, to prettify the Shortlinks. Type can be either: raw (the raw url, no escaping), esc (the html escaped url), html (default, an a tag to the url).', 'activitypub' ), 'default' ); ?></li>
|
||||
<li><code>[ap_shortlink <i>type=url</i>]</code> - <?php echo \wp_kses( \__( 'The post\'s shortlink. I can recommend <a href="https://wordpress.org/plugins/hum/" target="_blank">Hum</a>, to prettify the Shortlinks. Type can be either: url (default, the escaped url), html (an a tag to the url).', 'activitypub' ), 'default' ); ?></li>
|
||||
<li><code>[ap_hashtags]</code> - <?php \esc_html_e( 'The post\'s tags as hashtags.', 'activitypub' ); ?></li>
|
||||
<li><code>[ap_hashcats]</code> - <?php \esc_html_e( 'The post\'s categories as hashtags.', 'activitypub' ); ?></li>
|
||||
<li><code>[ap_image <i>type=full</i>]</code> - <?php \esc_html_e( 'The URL for the post\'s featured image, defaults to full size. The type attribute can be any of the following: thumbnail, medium, large, full', 'activitypub' ); ?></li>
|
||||
|
|
|
|||
Loading…
Reference in a new issue