Quotes

Viewing 4 replies - 1 through 4 (of 4 total)
  • Damon Cook

    (@colorful-tones)

    I’m having the same issue, and believe it is related to output sanitization, e.g. $this_post_styles = esc_html( stripcslashes( jd_post_style_data($this_post_styles,'css') ) );

    I’m not sure how to mitigate though.

    Lack of quote support makes it hard to work with custom Google Fonts, e.g. font-family: 'Gentium Book Basic', serif;

    Please advise.

    Plugin Author Joe Dolson

    (@joedolson)

    It is because of escaping. Escaping CSS is extremely difficult to do accurately, and at the moment I’m choosing security over support. There is a method to set this up using HTMLPurifier and CSSTidy, but until I have the opportunity to take those steps, I’m going to stick with the secure option.

    Thread Starter nikjvale

    (@nikjvale)

    I understand your dilemma. But just to clarify – the plugin does not support the following CSS examples:

    .class:before{content:'@';background-image:url('image.png');}

    and

    .class{font-family: 'Gentium Book Basic', serif;}

    Damon Cook

    (@colorful-tones)

    I totally support security as a priority. I would advise updating plugin FAQ or details to warn users that there is no support for certain characters.

    Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Quotes’ is closed to new replies.