#1049 #1050 Proper escaping of atts in alt tags

templates/features.php

@@ -3311,6 +3311,9 @@ function ampforwp_thumbnail_alt(){
 	$thumb_alt = esc_attr(get_post_meta( $thumb_id, '_wp_attachment_image_alt', true));
 	if($thumb_alt){ 
 		echo "alt = '$thumb_alt'";
+	$thumb_alt = get_post_meta( $thumb_id, '_wp_attachment_image_alt', true) ;
+	if($thumb_alt){
+		echo 'alt = "'. esc_attr($thumb_alt). '"';
 	}
 }
 // For Post ID in Body tag #1006

templates/frontpage-elements.php

@@ -47,15 +47,15 @@ function ampforwp_design_1_frontpage_content( $template, $post_id ){
 					$thumb_id = get_post_thumbnail_id($post_id);
 					$image = wp_get_attachment_image_src( $thumb_id, 'medium' ); 
 					$caption = get_the_post_thumbnail_caption( $post_id ); 
-					$thumb_alt = esc_attr(get_post_meta( $thumb_id, '_wp_attachment_image_alt', true));
+					$thumb_alt = get_post_meta( $thumb_id, '_wp_attachment_image_alt', true);
 					if($thumb_alt){
 						$alt = $thumb_alt;
 					}
 					else{
 						$alt = get_the_title( $post_id );
 					}
 					?>
-				<amp-img src="<?php echo $image[0]; ?>" width="<?php echo $image[1]; ?>" height="<?php echo $image[2]; ?>" layout=responsive alt="<?php echo $alt; ?>" >  </amp-img>
+				<amp-img src="<?php echo $image[0]; ?>" width="<?php echo $image[1]; ?>" height="<?php echo $image[2]; ?>" layout=responsive alt="<?php echo esc_attr($alt); ?>" >  </amp-img>
 					<?php if ( $caption ) : ?>
 						<p class="wp-caption-text">
 							<?php echo wp_kses_data( $caption ); ?>
@@ -100,7 +100,7 @@ function ampforwp_design_2_frontpage_content($template, $post_id){
 		<?php if (has_post_thumbnail( $post_id ) ):  ?>
 			<figure class="amp-wp-article-featured-image wp-caption"> <?php  
 				$thumb_id = get_post_thumbnail_id($post_id);
-				$thumb_alt = esc_attr(get_post_meta( $thumb_id, '_wp_attachment_image_alt', true));
+				$thumb_alt = get_post_meta( $thumb_id, '_wp_attachment_image_alt', true);
 				if($thumb_alt){
 						$alt = $thumb_alt;
 				}
@@ -109,7 +109,7 @@ function ampforwp_design_2_frontpage_content($template, $post_id){
 				}
 				$image = wp_get_attachment_image_src( get_post_thumbnail_id( $post_id ), 'medium' ); 
 				$caption = get_the_post_thumbnail_caption( $post_id ); ?>
-				<amp-img src="<?php echo $image[0]; ?>" width="<?php echo $image[1]; ?>" height="<?php echo $image[2]; ?>" layout=responsive alt="<?php echo $alt; ?>" >  </amp-img>	
+				<amp-img src="<?php echo $image[0]; ?>" width="<?php echo $image[1]; ?>" height="<?php echo $image[2]; ?>" layout=responsive alt="<?php echo esc_attr($alt); ?>" >  </amp-img>	
 				<?php if ( $caption ) : ?>
 					<p class="wp-caption-text">
 						<?php echo wp_kses_data( $caption ); ?>
@@ -152,7 +152,7 @@ function ampforwp_design_3_frontpage_content($template, $post_id){
 			<?php if (has_post_thumbnail( $post_id ) ):  ?>
 				<figure class="amp-wp-article-featured-image wp-caption"> <?php
 					$thumb_id = get_post_thumbnail_id($post_id);
-					$thumb_alt = esc_attr(get_post_meta( $thumb_id, '_wp_attachment_image_alt', true));
+					$thumb_alt = get_post_meta( $thumb_id, '_wp_attachment_image_alt', true);
 					if($thumb_alt){
 							$alt = $thumb_alt;
 					}
@@ -161,7 +161,7 @@ function ampforwp_design_3_frontpage_content($template, $post_id){
 					}  
 					$image = wp_get_attachment_image_src( get_post_thumbnail_id( $post_id ), 'medium' ); 
 					$caption = get_the_post_thumbnail_caption( $post_id ); ?>
-					<amp-img src="<?php echo $image[0]; ?>" width="<?php echo $image[1]; ?>" height="<?php echo $image[2]; ?>" layout=responsive alt="<?php echo $alt; ?>" >  </amp-img>	
+					<amp-img src="<?php echo $image[0]; ?>" width="<?php echo $image[1]; ?>" height="<?php echo $image[2]; ?>" layout=responsive alt="<?php echo esc_attr($alt); ?>" >  </amp-img>	
 					<?php if ( $caption ) : ?>
 						<p class="wp-caption-text">
 							<?php echo wp_kses_data( $caption ); ?>