Global Styles: Allow content/wide widths when unfiltered_html is not allowed

[mmtr]

What?

Follow-up of #46388.

This PR ensures that the content and wide width settings set via Global Styles are considered safe and thus output as custom properties on the body element.

Why?

Because secure layout.contentSize and layout.wideSize settings are being stripped out for users without the unfiltered_html capability as part of remove_insecure_settings.

How?

• Updates the INDIRECT_PROPERTIES_METADATA array introduced in Global styles: Allow indirect properties when unfiltered_html is not allowed #46388 to allow the layout.contentSize and layout.wideSize settings.
• Modifies the remove_insecure_settings to check the INDIRECT_PROPERTIES_METADATA array for settings that are not included in PRESETS_METADATA.

Testing Instructions

Note: a quick way to test this PR is to place the following in lib/init.php in the Gutenberg plugin, rather than worrying about changing user capabilities:

add_action( 'init', 'kses_init_filters' );

1. With this PR applied and with a user with unfiltered_html capability (e.g. a regular admin), you should be able to save content and wide widths in Appearance > Editor > Styles > Layout.
2. Repeating the above with a user without unfiltered_html capability (or enable the KSES filters with add_action( 'init', 'kses_init_filters' );) you should now still be able to save content and wide widths in Appearance > Editor > Styles > Layout.

Ensure tests pass:

npm run test:unit:php -- --filter WP_Theme_JSON_Gutenberg_Test

Screenshots or screencast

Before	After

[ramonjd]

I spun up a multisite and created a new admin user.

On trunk my layout content/width values are not saved:

This PR they are. YAY

🍺

[andrewserong]

Thanks for fixing this up! Nice idea turning the indirect properties into an array of arrays so that multiple values using the same CSS property is allowed 👍