ACF 5.10 Introduces Block API v2 Support, Block Preloading, and Security Improvements

ACF 5.10 Introduces Block API v2 Support, Block Preloading, and Security Improvements

Posted by WP Tavern on August 27, 2021 at 9:54 am
kitty kitty CATegory News
Advanced Custom Fields (ACF) has released version 5.10, the first major release since the plugin was acquired by Delicious Brains. It introduces several new features that were previously experimental, closing out tickets that were started by previous owner Elliot Condon. The release enables HTML escaping by default, which helps prevent Cross-Site Scripting (XSS) attacks. It runs content rendered by ACF through the WordPress wp_kses() function. There was a little confusion about how this works and the release post has been updated to clarify: “It’s important to note that this only affects content rendered by ACF in your WordPress dashboard or any front-end forms rendered through acf_form(),” Iain Poulson said. “This will not affect field values loaded through API functions such as get_field() and the_field(). We don’t make any assumptions about where you are using your field values within your theme and do not escape to them as a result.” Version 5.10 also introduces support for the WordPress Blocks API v2 for ACF blocks. WordPress 5.6 came with a new Block API that makes it easier for theme and plugin developers to style the block content with more consistent results matching the front end. The ACF team has created a Block API v2 help doc with examples…

…Full post on WP Tavern
Read Full

Similar Posts

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments