WordPress.org
Get WordPress

Plugin Directory

Changeset 3200973


Ignore:
Timestamp:
12/02/2024 02:14:41 PM (15 months ago)
Author:
onlyoffice
Message:

dev v2.1.2

Location:
onlyoffice-docspace/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • onlyoffice-docspace/trunk/CHANGELOG.md

    r3156337 r3200973  
    11# Change Log
    22
     3## 2.1.2
     4## Changed
     5- fixed xss vulnerabilities in onlyoffice-docspace page component
    36
    47## 2.1.1

  • onlyoffice-docspace/trunk/onlyoffice-docspace-wordpress.php

    r3156337 r3200973  
    88 * Plugin URI:        https://github.com/ONLYOFFICE/onlyoffice-docspace-wordpress
    99 * Description:       Add ONLYOFFICE DocSpace on page
    10  * Version:           2.1.1
     10 * Version:           2.1.2
    1111 * Requires at least: 5.7
    1212 * Requires PHP:      7.4
     
    4646 */
    4747define( 'OODSP_PLUGIN_NAME', 'onlyoffice-docspace-wordpress' );
    48 define( 'OODSP_VERSION', '2.1.1' );
     48define( 'OODSP_VERSION', '2.1.2' );
    4949define( 'OODSP_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
    5050define( 'OODSP_PLUGIN_FILE', __FILE__ );

  • onlyoffice-docspace/trunk/public/class-oodsp-public-docspace.php

    r3086336 r3200973  
    183183        );
    184184
    185         $align = ! empty( $atts['align'] ) ? 'align' . $atts['align'] : '';
    186         $size  = ! empty( $atts['width'] ) && ! ( 'full' === $atts['align'] ) ? 'width: ' . $atts['width'] . ';' : '';
    187         $size .= ! empty( $atts['height'] ) ? 'height: ' . $atts['height'] . ';' : '';
     185        $align = ! empty( $atts['align'] ) ? 'align' . sanitize_text_field( $atts['align'] ) : '';
     186        $size  = ! empty( $atts['width'] ) && ! ( 'full' === $atts['align'] ) ? 'width: ' . sanitize_text_field( $atts['width'] ) . ';' : '';
     187        $size .= ! empty( $atts['height'] ) ? 'height: ' . sanitize_text_field( $atts['height'] ) . ';' : '';
    188188
    189         $output  = '<div class="wp-block-onlyoffice-docspace-wordpress-onlyoffice-docspace ' . $align . ' size-full" style="' . $size . '">';
     189        $output  = '<div class="wp-block-onlyoffice-docspace-wordpress-onlyoffice-docspace ' . esc_attr( $align ) . ' size-full" style="' . esc_attr( $size ) . '">';
    190190        $output .= "<div class='onlyoffice-docspace-block' data-config='" . wp_json_encode( $atts ) . "' id='onlyoffice-docspace-block-" . $instance . "'></div>";
    191191        $output .= '</div>';

  • onlyoffice-docspace/trunk/readme.txt

    r3156337 r3200973  
    44Requires at least: 6.2
    55Tested up to: 6.3.1
    6 Stable tag: 2.1.1
     6Stable tag: 2.1.2
    77Requires PHP: 8.0
    88License: GPLv2
     
    8989
    9090== Changelog ==
     91= 2.1.2 =
     92* fixed xss vulnerabilities in onlyoffice-docspace page component
     93
     94= 2.1.1 =
     95* DocSpace JS SDK version 1.0.1
     96* use username in user export data if first_name and last_name is empty
     97
    9198= 2.1.0 =
    9299* ability to add multiple rooms/files to a page
Note: See TracChangeset for help on using the changeset viewer.