wpallstars/wp-plugin-starter-template-for-ai-coding
Template
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: improve workflow names and fix CSS indentation consistency (#18)

Browse Source 
* fix: resolve plugin class loading reliability issues

* fix: address CodeRabbit XSS and accessibility findings from PR #18

- admin/js/admin-scripts.js: replace HTML string interpolation in showNotice
  with DOM API construction and .text() to prevent XSS; whitelist type values
- admin/js/update-source-selector.js: replace .html(message) with .text(message)
  in showMessage to prevent XSS from AJAX response content
- admin/templates/modal.php: add role=dialog, aria-modal=true, aria-labelledby
  for screen reader semantics; replace <span> close control with <button> for
  keyboard operability and proper ARIA role
This commit is contained in:
Marcus Quinn
2026-03-16 18:40:09 +00:00
committed by GitHub
parent 41724f72c0
commit 1c1980bb22
7 changed files with 50 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
includes/Admin/class-admin.php
View File

@@ -69,10 +69,12 @@ class Admin {
// Get the plugin version.
$plugin_version = $this->core->get_plugin_version();
$plugin_url = $this->get_plugin_base_url();
// Enqueue styles.
\wp_enqueue_style(
'wpst-admin-styles',
plugin_dir_url( dirname( __DIR__ ) ) . 'admin/css/admin-styles.css',
$plugin_url . 'admin/css/admin-styles.css',
array(), // Dependencies.
$plugin_version // Version.
);
@@ -80,7 +82,7 @@ class Admin {
// Enqueue admin scripts.
\wp_enqueue_script(
'wpst-admin-script',
plugin_dir_url( dirname( __DIR__ ) ) . 'admin/js/admin-scripts.js',
$plugin_url . 'admin/js/admin-scripts.js',
array( 'jquery' ),
$plugin_version, // Version.
true
@@ -99,4 +101,21 @@ class Admin {
$data
);
}
/**
* Get plugin base URL.
*
* @return string Plugin base URL with trailing slash.
*/
private function get_plugin_base_url(): string {
if ( defined( 'WP_PLUGIN_STARTER_TEMPLATE_URL' ) ) {
return WP_PLUGIN_STARTER_TEMPLATE_URL;
}
if ( defined( 'WPST_PLUGIN_URL' ) ) {
return WPST_PLUGIN_URL;
}
return \plugin_dir_url( dirname( __DIR__, 2 ) );
}
}