diff --git a/projects/plugins/boost/app/lib/critical-css/class-display-critical-css.php b/projects/plugins/boost/app/lib/critical-css/class-display-critical-css.php index 0c24b8647640..71e2785e97f9 100644 --- a/projects/plugins/boost/app/lib/critical-css/class-display-critical-css.php +++ b/projects/plugins/boost/app/lib/critical-css/class-display-critical-css.php @@ -106,13 +106,31 @@ public function display_critical_css() { echo ' tag (or any HTML tags) in output. + // Ensure the CSS cannot terminate the style element early. // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped - echo wp_strip_all_tags( $critical_css ); + echo self::sanitize_css( $critical_css ); echo ''; } + /** + * Sanitize CSS for output inside a '; - $instance = new Display_Critical_CSS( $css_with_html ); + public function test_display_critical_css_neutralizes_style_breakout() { + $css_with_breakout = 'body { color: red; }'; + $instance = new Display_Critical_CSS( $css_with_breakout ); ob_start(); $instance->display_critical_css(); $output = ob_get_clean(); - $this->assertStringNotContainsString( '
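Review bot: The body of `sanitize_css` and its docblock after `Sanitize CSS for output inside a` are not legible in this chunk (the text between that point and the test's closing-tag literal appears to have been dropped by extraction), so the property that the retained `phpcs:ignore` on the `echo self::sanitize_css( $critical_css );` line now relies on cannot be confirmed from here. The docblock should state that property explicitly, e.g. `* Guarantees the returned string contains no sequence the HTML parser treats as the end of the enclosing style element (case-insensitive, optional whitespace before '>'), so it is safe to echo unescaped.` Since the replaced `wp_strip_all_tags( $critical_css )` also removed all other markup, a sentence on whether that broader stripping is intentionally dropped would help future readers of the comment `Ensure the CSS cannot terminate the style element early.` The second hunk's `test_display_critical_css_neutralizes_style_breakout` is cut off at the end of the chunk and its `$css_with_breakout` literal is likewise illegible here, so which breakout variants the test covers cannot be judged from this view.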