[wp-trac] [WordPress Trac] #21622: Validate or sandbox theme file edits before saving them (as is done for plugins)
WordPress Trac
noreply at wordpress.org
Tue Oct 3 19:34:40 UTC 2017
#21622: Validate or sandbox theme file edits before saving them (as is done for
plugins)
-------------------------------------+-----------------------------
Reporter: eschwartz93 | Owner: westonruter
Type: enhancement | Status: accepted
Priority: high | Milestone: 4.9
Component: Themes | Version: 2.7.1
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses: administration
-------------------------------------+-----------------------------
Comment (by westonruter):
Replying to [comment:32 johnbillion]:
> Good point. I wonder if it should be introduced there too. At the least,
it shortens the error message and makes it more readable.
Fixed in [https://github.com/xwp/wordpress-
develop/pull/272/commits/2b2af8103c1a935e22da812ef21a165442c96bd7
2b2af81].
> I think we should try to avoid this as a matter of best practice.
Inserting untrusted HTML into the DOM isn't a great idea. The Codex link
could be moved into the strings available on the front and and appended
depending on the error code. Not high priority by any means, but we can do
better.
Fixed in [https://github.com/xwp/wordpress-
develop/pull/272/commits/455ea66c0017517e1e463078d4cd51188a52692b
455ea66].
Full list of new changes: https://github.com/xwp/wordpress-
develop/pull/272/files/8abef67..cdc6ddc
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21622#comment:34>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list