From 6cddfb61a81fcafa381db3c3ca1a1a041e2a63ea Mon Sep 17 00:00:00 2001
From: Riad Benguella
Date: Wed, 31 May 2023 10:39:14 +0100
Subject: [PATCH 1/2] Prevent freeform and shortcode blocks from converting HTML entities
---
 packages/block-library/src/freeform/block.json | 2 +-
 packages/block-library/src/shortcode/block.json | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/packages/block-library/src/freeform/block.json b/packages/block-library/src/freeform/block.json
index 84b57b75326c0..809b7319c1888 100644
--- a/packages/block-library/src/freeform/block.json
+++ b/packages/block-library/src/freeform/block.json
@@ -9,7 +9,7 @@
 "attributes": {
 "content": {
 "type": "string",
- "source": "html"
+ "source": "raw"
 }
 },
 "supports": {
diff --git a/packages/block-library/src/shortcode/block.json b/packages/block-library/src/shortcode/block.json
index 5b36d141dd93e..04444fb292c80 100644
--- a/packages/block-library/src/shortcode/block.json
+++ b/packages/block-library/src/shortcode/block.json
@@ -9,7 +9,7 @@
 "attributes": {
 "text": {
 "type": "string",
- "source": "html"
+ "source": "raw"
 }
 },
 "supports": {
From 48531b72dcef411b924fde51a403811e52511082 Mon Sep 17 00:00:00 2001
From: Riad Benguella
Date: Thu, 1 Jun 2023 09:03:44 +0100
Subject: [PATCH 2/2] Fix e2e tests
---
 .../e2e-tests/specs/editor/various/invalid-block.test.js | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/packages/e2e-tests/specs/editor/various/invalid-block.test.js b/packages/e2e-tests/specs/editor/various/invalid-block.test.js
index ad08ac2f4c6b4..2f24db5e067b7 100644
--- a/packages/e2e-tests/specs/editor/various/invalid-block.test.js
+++ b/packages/e2e-tests/specs/editor/various/invalid-block.test.js
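Review bot: Nothing in this patch pins the behaviour the subject line promises, namely that entity-encoded text in the freeform `content` attribute survives a load and save unchanged once its `source` is `raw`; the same gap applies to the shortcode `text` attribute in the second block.json hunk. Entity text such as `&lt;script&gt;` being decoded into live markup is the failure mode that matters here, so a parser fixture or unit test that round-trips such content through both blocks would catch a regression. Because `raw` presumably hands the block's inner markup to the attribute without normalisation, the edit and save code of both blocks (not visible in this patch) should be confirmed to treat the value as untrusted text rather than insert it as HTML. JSON has no comment syntax, so the rationale for `raw` belongs in the block library changelog or in the name of the added test.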
@@ -75,7 +75,7 @@ describe( 'invalid blocks', () => { expect( hasAlert ).toBe( false ); } ); - it( 'should strip potentially malicious script tags', async () => { + it( 'should not trigger malicious script tags when using a shortcode block', async () => { let hasAlert = false; page.on( 'dialog', () => { @@ -94,9 +94,6 @@ describe( 'invalid blocks', () => { // Give the browser time to show the alert. await page.evaluate( () => new Promise( window.requestIdleCallback ) ); - - expect( console ).toHaveWarned(); - expect( console ).toHaveErrored(); expect( hasAlert ).toBe( false ); } ); } );
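Review bot: With `expect( console ).toHaveWarned()` and `expect( console ).toHaveErrored()` removed in the second hunk, the only remaining assertion is `expect( hasAlert ).toBe( false )`, which passes just as well if the block content is dropped, rewritten or never loaded. The test should also assert what the editor ends up holding, for example `expect( await getEditedPostContent() ).toMatchSnapshot();` (assuming that e2e helper is imported in this file, which the hunks do not show), so the script-bearing input is shown to be kept as inert shortcode text. The new title names only the shortcode block; the freeform block was changed the same way in the first commit and has no equivalent case visible here. The test body starts before the second hunk, and the part of it between the two hunks is not shown.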