[wp-trac] Re: [WordPress Trac] #5917: Kses should apply
bad-protocol check only to URI typed attributes
WordPress Trac
wp-trac at lists.automattic.com
Mon Jul 28 18:21:42 GMT 2008
#5917: Kses should apply bad-protocol check only to URI typed attributes
----------------------------+-----------------------------------------------
Reporter: takayukister | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.9
Component: General | Version: 2.5
Severity: normal | Resolution:
Keywords: kses has-patch |
----------------------------+-----------------------------------------------
Comment (by ryan):
5917.diff takes a bit different approach. It moves everything into
wp_kses_hair(). The list of attributes to check for bad protocols was
obtained by searching for %URI in the XHTML DTDs. Since these particular
attributes are always used as a URI regardless of the element they are in,
I skipped checking the element.
--
Ticket URL: <http://trac.wordpress.org/ticket/5917#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list