From 67650469e47bbefb3ca34bff54f523d84a550493 Mon Sep 17 00:00:00 2001 From: USERSATOSHI Date: Tue, 29 Jul 2025 15:18:57 +0530 Subject: [PATCH 1/2] feat: add validation for allowed blocks in registered patterns --- .../class-wp-block-patterns-registry.php | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/src/wp-includes/class-wp-block-patterns-registry.php b/src/wp-includes/class-wp-block-patterns-registry.php index 2afa8a853f1b9..6a2d8416b94a7 100644 --- a/src/wp-includes/class-wp-block-patterns-registry.php +++ b/src/wp-includes/class-wp-block-patterns-registry.php @@ -114,6 +114,41 @@ public function register( $pattern_name, $pattern_properties ) { ); return false; } + + // Block Validation to check if blocks used in the pattern are allowed. + $blocks = parse_blocks( $pattern_properties['content'] ); + $block_names = wp_list_pluck( $blocks, 'blockName' ); + $allowed_blocks = apply_filters( 'allowed_block_types_all', true ); + + if ( is_array( $allowed_blocks ) ) { + $allowed_blocks = array_flip( $allowed_blocks ); + foreach ( $block_names as $block_name ) { + if ( ! isset( $allowed_blocks[ $block_name ] ) ) { + _doing_it_wrong( + __METHOD__, + sprintf( + /* translators: %1$s: Pattern name, %2$s: Block name. */ + __( 'Pattern "%1$s" contains disallowed block "%2$s".' ), + $pattern_name, + $block_name + ), + '6.9.0' + ); + return false; + } + } + } else if ( ! $allowed_blocks ) { + _doing_it_wrong( + __METHOD__, + sprintf( + /* translators: %s: Pattern name. */ + __( 'Pattern "%s" contains blocks, but all blocks are disallowed.' ), + $pattern_name + ), + '6.9.0' + ); + return false; + } } $pattern = array_merge( From 8c5c0038913308f3949bfe790eaddffc2f876d96 Mon Sep 17 00:00:00 2001 From: USERSATOSHI Date: Tue, 29 Jul 2025 15:21:11 +0530 Subject: [PATCH 2/2] style: fix phpcs warning --- src/wp-includes/class-wp-block-patterns-registry.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp-includes/class-wp-block-patterns-registry.php b/src/wp-includes/class-wp-block-patterns-registry.php index 6a2d8416b94a7..f68f5c1e2c8bb 100644 --- a/src/wp-includes/class-wp-block-patterns-registry.php +++ b/src/wp-includes/class-wp-block-patterns-registry.php @@ -137,7 +137,7 @@ public function register( $pattern_name, $pattern_properties ) { return false; } } - } else if ( ! $allowed_blocks ) { + } elseif ( ! $allowed_blocks ) { _doing_it_wrong( __METHOD__, sprintf(