[wp-trac] Re: [WordPress Trac] #8786: Add option to disable
unfiltered_html for all users (and explain it in the process)
WordPress Trac
wp-trac at lists.automattic.com
Mon Apr 20 11:39:16 GMT 2009
#8786: Add option to disable unfiltered_html for all users (and explain it in the
process)
-----------------------------+----------------------------------------------
Reporter: jeremyclarke | Owner: ryan
Type: feature request | Status: new
Priority: normal | Milestone: 2.9
Component: Security | Version:
Severity: normal | Keywords:
-----------------------------+----------------------------------------------
Comment(by Denis-de-Bernardy):
I'd say wontfix.
The use-case you suggest deals with admins not being able to reproduce
what users are saying because kses allows them to post anything. But the
checkbox you suggest would make all contributors eligible to insert
scripts into the site. It's not very desirable.
At the very most, we'd want a verbose option that offers to disable
unfiltered html for roles that have it. But in this case, we'll end up
introducing even more confusion...
--
Ticket URL: <http://core.trac.wordpress.org/ticket/8786#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list