[wp-trac] [WordPress Trac] #44724: KSES: Allow 'download' attribute for links

WordPress Trac noreply at wordpress.org
Fri Dec 14 03:27:59 UTC 2018 

#44724: KSES: Allow 'download' attribute for links
------------------------------------------------+------------------------
 Reporter:  SergeyBiryukov                      |       Owner:  chriscct7
     Type:  enhancement                         |      Status:  closed
 Priority:  normal                              |   Milestone:  5.0
Component:  Formatting                          |     Version:
 Severity:  normal                              |  Resolution:  fixed
 Keywords:  has-patch has-unit-tests fixed-5.0  |     Focuses:
------------------------------------------------+------------------------
Changes (by pento):

 * status:  accepted => closed
 * resolution:   => fixed


Comment:

 In [changeset:"44156" 44156]:
 {{{
 #!CommitTicketReference repository="" revision="44156"
 KSES: Allow the `download` attribute on `<a>` tags.

 To avoid this being a vector for bypassing the filetypes that are allowed
 to be uploaded, this attribute is only allowed to be added without a
 value.

 Merges [43813] from the 5.0 branch to trunk.

 Props kalpshit, arshidkv12, welcher, peterwilsoncc, marina_wp, pento.
 Fixes #44724.
 }}}

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/44724#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list