[wp-hackers] Safe commenting
ringmaster at midnightcircus.com
Thu Jun 22 20:24:42 GMT 2006
Jason Salaz wrote:
> On 6/22/06, Handy <handy.solo at gmail.com> wrote:
>> Anyone here be game to offer some reassurances or thoughts to this
>> thread over in the Support Forums?
>> http://wordpress.org/support/topic/76975?replies=7 titled "How to make
>> comments safe?"
> Isn't kses running against all comments 'out of the box'?
> I can't even comment with a freaking <q> tag for crying out loud. And
> he wants to say that an open <script> capability exists?
> Somebody is either 1) not running stock wordpress 2) has extensive
> mods. Whether core code modification or script level, who knows.
He's just commenting as logged in user with the unfiltered_html
capability. Normal visitors won't be able to post script tags to his
More information about the wp-hackers