WP_Theme_JSON: preserve valid non-preset settings when KSES filters are active

[ramonjd]

A PR to sync https://github.com/WordPress/gutenberg/pull/73452

Problem

When KSES filters are active (via add_action( 'init', 'kses_init_filters' )), valid non-preset settings in Global Styles are being incorrectly filtered out. Specifically:

• lightbox.enabled and lightbox.allowEditing for Image blocks

The issue occurs because remove_insecure_settings() only preserved:

1. Presets (from PRESETS_METADATA)
2. Indirect CSS properties (from INDIRECT_PROPERTIES_METADATA)

All other valid settings were being stripped, even though they're defined in VALID_SETTINGS and are safe scalar values or arrays.

Related Issue: https://github.com/WordPress/gutenberg/issues/73157

Solution

Added a new preserve_valid_settings() method and SAFE_SETTINGS const that work to preserves valid settings.

Testing Instructions

Manual Testing

1. Enable KSES filters:

   add_action( 'init', 'kses_init_filters' );
   

   Add this to your theme's functions.php or a plugin.

2. Test Image Block Lightbox Settings:

   • Go to Appearance > Editor > Styles
   • Navigate to Blocks > Image
   • Open the Settings panel
   • Toggle the "Enlarge on click" (lightbox) setting
   • Save the changes
   • Expected: The setting should persist after saving and page reload
   • Before fix: The setting would revert after saving

3. Test Other Valid Settings:

   • Try changing other valid settings in Global Styles (e.g., layout settings, spacing settings)
   • Save and verify they persist
   • Expected: All valid settings should be preserved

Trac ticket: https://core.trac.wordpress.org/ticket/64280

---

This Pull Request is for code review only. Please keep all other discussion in the Trac ticket. Do not merge this Pull Request. See GitHub Pull Requests for Code Review in the Core Handbook for more details.