[wp-trac] [WordPress Trac] #43457: `wp_html_split` valid HTML attributes issues
WordPress Trac
noreply at wordpress.org
Fri Mar 2 08:25:57 UTC 2018
#43457: `wp_html_split` valid HTML attributes issues
--------------------------+-----------------------------
Reporter: soulseekah | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Shortcodes | Version:
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
There are a handful of valid HTML attributes that shatter `wp_html_split`.
Since it works by looking for the `<` character we can break it in many
ways, starting from:
https://mathiasbynens.be/demo/crazy-class
https://mathiasbynens.be/demo/html5-id
And ending in the less exotic and crazy:
{{{
<span data-content="<p>abcd</p>">loading...</span>
}}}
Same goes for CSS attribute selectors in <style> tags.
Related #43456, #39153, #40191
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43457>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list