Skip to content

2.1.11 - Fix Card meta HTML escaping regression

Choose a tag to compare

View all tags
@georgeolaru georgeolaru released this 11 Feb 19:34
· 126 commits to main since this release
2.1.11
f716ba6

Fix

  • Card blocks displaying raw HTML span tags: The security escaping added in 2.1.10 over-escaped internally-generated HTML in card meta output, causing <span class="nb-card__meta--primary"> tags to be displayed as visible text instead of rendered HTML. This affected category, author, tag, and other meta text on Card blocks.

Details

The fix moves text escaping to the data source (novablocks_get_post_card_meta()) and uses wp_kses_post() in the shared wrapper function to allow the internally-generated HTML structure while maintaining XSS protection.

Fixes #477

Assets 3
Loading