[wp-trac] [WordPress Trac] #60448: Iframe from `$errmsg` is now removed from error message in the plugins page
WordPress Trac
noreply at wordpress.org
Tue Feb 6 21:27:23 UTC 2024
#60448: Iframe from `$errmsg` is now removed from error message in the plugins page
--------------------------+-----------------------------
Reporter: renathoc | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 6.4
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
We have a `die` with a message in case of a plugin activation failure
here:
https://github.com/Automattic/sensei/blob/1933acc544be8a98866bec1b8790a5b195d5b4c7
/sensei-lms.php#L65.
The message used to work until WordPress 6.3, and it stopped working.
I think it was broken with this change:
https://github.com/WordPress/WordPress/commit/768f51f60c308a06492dcda163b80c1c3ff6ebb9
The reason seems to be because the iframe is now concatenated in the
`$errmsg` variable, which is sent to the `wp_admin_notice`, and later it
goes through the `wp_kses_post`, being removed.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/60448>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list