mirror of
https://github.com/WordPress/WordPress.git
synced 2025-02-16 19:46:21 +00:00
e7747ce23e
Using script tag helper functions allows plugins to employ the `wp_script_attributes` and `wp_inline_script_attributes` filters to inject the `nonce` attribute to apply Content Security Policy (e.g. Strict CSP). Use of helper functions also simplifies logic in `WP_Scripts`. * Update `wp_get_inline_script_tag()` to wrap inline script in CDATA blocks for XHTML-compatibility when not using HTML5. * Ensure the `type` attribute is printed first in `wp_get_inline_script_tag()` for back-compat. * Wrap existing `<script>` tags in output buffering to retain IDE supports. * In `wp_get_inline_script_tag()`, append the newline to `$javascript` before it is passed into the `wp_inline_script_attributes` filter so that the CSP hash can be computed properly. * In `the_block_template_skip_link()`, opt to enqueue the inline script rather than print it. * Add `ext-php` to `composer.json` under `suggest` as previously it was an undeclared dependency for running PHPUnit tests. * Update tests to rely on `DOMDocument` to compare script markup, normalizing unsemantic differences. Props westonruter, spacedmonkey, flixos90, 10upsimon, dmsnell, mukesh27, joemcgill, swissspidy, azaozz. Fixes #58664. See #39941. Built from https://develop.svn.wordpress.org/trunk@56687 git-svn-id: http://core.svn.wordpress.org/trunk@56199 1a063a9b-81f0-0310-95a4-ce76da25c4cd