Fix: Update Raw <script> tags with wp_inline_script_tag() for bundled themes.
#9416
Conversation
…ction definition for backward compatibility
|
The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the Unlinked AccountsThe following contributors have not linked their GitHub and WordPress.org accounts: @peterwilsoncc. Contributors, please read how to link your accounts to ensure your work is properly credited in WordPress releases. Core Committers: Use this line as a base for the props when committing in SVN: To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook. |
Test using WordPress PlaygroundThe changes in this pull request can previewed and tested using a WordPress Playground instance. WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser. Some things to be aware of
For more details about these limitations and more, check out the Limitations page in the WordPress Playground documentation. |
| */ | ||
| $attributes = apply_filters( 'wp_inline_script_attributes', $attributes, $data ); | ||
|
|
||
| return sprintf( "<script%s>%s</script>\n", wp_sanitize_script_attributes( $attributes ), $data ); |
There was a problem hiding this comment.
wp_sanitize_script_attributes will need to be polyfilled for pre-WP 5.7.0 too
🔢 This applies to the other themes requiring polyfills too, so I won't repeat myself.
There was a problem hiding this comment.
On the ticket, I suggested avoiding polyfills entirely. The themes need a fallback for older WordPress versions, but copying core functions into the themes seems overly complex.
| /** | ||
| * Filters attributes to be added to a script tag. | ||
| * | ||
| * Added for backward compatibility to support pre-5.7.0 WordPress versions. | ||
| * | ||
| * @since 5.7.0 | ||
| * | ||
| * @param array $attributes Key-value pairs representing `<script>` tag attributes. | ||
| * Only the attribute name is added to the `<script>` tag for | ||
| * entries with a boolean value, and that are true. | ||
| * @param string $data Inline data. | ||
| */ |
There was a problem hiding this comment.
For duplicate filters WordPress simply posts a reference to the original docblock.
| /** | |
| * Filters attributes to be added to a script tag. | |
| * | |
| * Added for backward compatibility to support pre-5.7.0 WordPress versions. | |
| * | |
| * @since 5.7.0 | |
| * | |
| * @param array $attributes Key-value pairs representing `<script>` tag attributes. | |
| * Only the attribute name is added to the `<script>` tag for | |
| * entries with a boolean value, and that are true. | |
| * @param string $data Inline data. | |
| */ | |
| /** This filter is documented in wp-includes/script-loader.php */ |
🔢 This applies to the other themes requiring polyfills too, so I won't repeat myself.
There was a problem hiding this comment.
Fixed wherever applicable
| * XHTML extracts the contents of the SCRIPT element and then the XML parser | ||
| * decodes character references and other syntax elements. This can lead to | ||
| * misinterpretation of the script contents or invalid XHTML documents. | ||
| * | ||
| * Wrapping the contents in a CDATA section instructs the XML parser not to | ||
| * transform the contents of the SCRIPT element before passing them to the | ||
| * JavaScript engine. | ||
| * | ||
| * Example: | ||
| * | ||
| * <script>console.log('…');</script> | ||
| * | ||
| * In an HTML document this would print "…" to the console, | ||
| * but in an XHTML document it would print "…" to the console. | ||
| * | ||
| * <script>console.log('An image is <img> in HTML');</script> | ||
| * | ||
| * In an HTML document this would print "An image is <img> in HTML", | ||
| * but it's an invalid XHTML document because it interprets the `<img>` | ||
| * as an empty tag missing its closing `/`. | ||
| * | ||
| * @see https://www.w3.org/TR/xhtml1/#h-4.8 | ||
| */ |
There was a problem hiding this comment.
Nit: * in the multiline comments ought to align so the second and subsequent lines will need a space before them.
🔢 This applies to other multi-line comments so I won't repeat myself.
There was a problem hiding this comment.
Fixed wherever applicable.
Debarghya-Banerjee
requested review from
peterwilsoncc,
sabernhardt and
westonruter
Trac Ticket: Core-63806
This pull request updates all inline script outputs in the bundled themes to use WordPress’s script helper functions, specifically
wp_print_inline_script_tag(), in place of manually constructed<script>tags.✅ Why This Matters
As of #59446, WordPress Core has adopted the use of
wp_get_script_tag(),wp_get_inline_script_tag(), andwp_print_inline_script_tag()to eliminate manually constructed<script>tags. This change was made to:However, many default and third-party themes still use raw
<script>tags, which prevents them from fully benefiting from these improvements.🛠 What’s Changed
'<script>...</script>'with calls towp_print_inline_script_tag().🔙 Backward Compatibility
Since these helper functions were introduced in WordPress 5.7+, this PR also includes polyfill definitions in functions.php to ensure compatibility with earlier WordPress versions.
The polyfills conditionally define
wp_print_inline_script_tag()andwp_get_inline_script_tag()functions only if they don’t already exist, making it safe for all supported versions.