[wp-hackers] Safe commenting

Handy handy.solo at gmail.com
Thu Jun 22 20:33:28 GMT 2006


Thanks to all of you who helped keep that thread straight by stopping
by (so quickly!).  Very much appreciated.  :-)

On 6/22/06, Owen Winkler <ringmaster at midnightcircus.com> wrote:
> Jason Salaz wrote:
> > On 6/22/06, Handy <handy.solo at gmail.com> wrote:
> >> Anyone here be game to offer some reassurances or thoughts to this
> >> thread over in the Support Forums?
> >> http://wordpress.org/support/topic/76975?replies=7 titled "How to make
> >> comments safe?"
> >
> > Isn't kses running against all comments 'out of the box'?
> > I can't even comment with a freaking <q> tag for crying out loud.  And
> > he wants to say that an open <script> capability exists?
> >
> > Somebody is either 1) not running stock wordpress 2) has extensive
> > mods.  Whether core code modification or script level, who knows.
>
> He's just commenting as logged in user with the unfiltered_html
> capability.  Normal visitors won't be able to post script tags to his
> comments.
>
> Owen
>
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


More information about the wp-hackers mailing list