\"';\\" ) ) {
return '';
}
$hex = sanitize_hex_color( $raw );
if ( is_string( $hex ) && '' !== $hex ) {
return $hex;
}
// 8-digit hex (#rrggbbaa, CSS Color Level 4) — sanitize_hex_color rejects.
if ( preg_match( '/^#[a-fA-F0-9]{8}$/', $raw ) ) {
return $raw;
}
if ( preg_match( '/^var\(\s*--[a-zA-Z0-9_-]+\s*\)$/', $raw ) ) {
return $raw;
}
if ( preg_match( '/^(?:rgb|rgba|hsl|hsla)\(\s*[\d.,\s%\/-]+\)$/i', $raw ) ) {
return $raw;
}
return '';
};
$color_clean = $sanitize_color( $color );
$style_attr = $color_clean ? ' style="color:' . esc_attr( $color_clean ) . ';"' : '';
$wrapper_attrs = get_block_wrapper_attributes(
array( 'class' => 'bw-dev-subtitle-wrapper bw-dev-subtitle-wrapper--' . $align )
);
if ( '' !== $url ) {
$rel = '_blank' === $link_target ? ' rel="noopener noreferrer"' : '';
$inner = sprintf(
'%s',
esc_url( $url ),
esc_attr( $link_target ),
$rel,
$style_attr,
esc_html( $text )
);
} else {
$inner = sprintf(
'%s',
$style_attr,
esc_html( $text )
);
}
printf( '%s
', wp_kses_data( $wrapper_attrs ), $inner ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- inner is already escaped above.