Issue #864: Allow 'data-amp-layout' in wp_kses() for 'post.'

Add this attribute to the allowed list for <img>. The sanitizer now converts this to 'layout.'
ampproject · Mar 1, 2018 · 037f6ef · 037f6ef
1 parent 878e023
commit 037f6ef
Show file tree

Hide file tree

Showing 3 changed files with 47 additions and 0 deletions.
diff --git a/includes/class-amp-theme-support.php b/includes/class-amp-theme-support.php
@@ -183,6 +183,7 @@ public static function register_hooks() {
 		add_filter( 'comment_reply_link', array( __CLASS__, 'filter_comment_reply_link' ), 10, 4 );
 		add_filter( 'cancel_comment_reply_link', array( __CLASS__, 'filter_cancel_comment_reply_link' ), 10, 3 );
 		add_action( 'comment_form', array( __CLASS__, 'add_amp_comment_form_templates' ), 100 );
+		add_filter( 'wp_kses_allowed_html', 'AMP_WP_Utils::add_layout', 10, 2 );
 
 		// @todo Add character conversion.
 	}

diff --git a/includes/utils/class-amp-wp-utils.php b/includes/utils/class-amp-wp-utils.php
@@ -58,4 +58,28 @@ protected static function _wp_translate_php_url_constant_to_key( $constant ) {
 
 		return false;
 	}
+
+	/**
+	 * Adds 'data-amp-layout' to the allowed <img> attributes for wp_kses() in a 'post' context.
+	 *
+	 * @since 0.7
+	 *
+	 * @param array  $context      Allowed tags and their allowed attributes.
+	 * @param string $context_type Type of context.
+	 * @return array $context      Filtered allowed tags and attributes.
+	 */
+	public static function add_layout( $context, $context_type ) {
+		if ( 'post' !== $context_type ) {
+			return $context;
+		}
+		$img            = isset( $context['img'] ) ? $context['img'] : array();
+		$context['img'] = array_merge(
+			$img,
+			array(
+				'data-amp-layout' => true,
+			)
+		);
+		return $context;
+	}
+
 }
diff --git a/tests/test-amp-wp-utils.php b/tests/test-amp-wp-utils.php
@@ -44,4 +44,26 @@ function test__method( $url, $expected, $component ) {
 
 		$this->assertEquals( $expected, $actual );
 	}
+
+	/**
+	 * Test AMP_WP_Utils::add_layout().
+	 *
+	 * @see AMP_WP_Utils::add_layout()
+	 */
+	public function test_add_layout() {
+		$this->assertEquals( array(), AMP_WP_Utils::add_layout( array(), 'explicit' ) );
+		$this->assertEquals(
+			array(
+				'img' => array(
+					'data-amp-layout' => true,
+				),
+			),
+			AMP_WP_Utils::add_layout( array(), 'post' )
+		);
+
+		add_filter( 'wp_kses_allowed_html', 'AMP_WP_Utils::add_layout', 10, 2 );
+		$image = '<img data-amp-layout="fill">';
+		$this->assertEquals( $image, wp_kses_post( $image ) );
+	}
+
 }