[wp-hackers] Why kses filtered html strips class?
Chris
chris.hearn01 at ntlworld.com
Thu Aug 2 23:36:18 GMT 2007
Jacob, thanks for the link - have downloaded it and that does solve the
problem - just _another plugin!
Still dont understand why WP whacks it tho!
Chris
jacobsantos at branson.com wrote:
> Why don't you use something like HTML Purifier and overwrite the
> default Kses for editors? HTML Purifier and a WordPress plugin can be
> found at http://htmlpurifier.org .
>
> If it isn't whitelisted, then it is removed. From reading kses.php,
> from what I can gather is that there are two whitelists. One that has
> major permissions, I guess for Administrators and one that is a more
> restrictive version.
>
> Chris wrote:
>> Hi,
>> I have a modified plugin which allows my "Editor" users to upload and
>> add links to pdf files from within tinymce editor - (it inserts an
>> icon with a link to the actual pdf file). I have put a
>> class="thumb_icon" into the html, so that the link icons can be
>> styled - but kses is stripping code out - why? and how to modify so
>> that it doesn't.
>> I don't really want to allow unfiltered html for the "Editor"
>> capabilities.
>> The kses.php mentions using my-hacks.php... if this is the way to go,
>> what would I put in there?
>> But I still don't understand why class="xx" is considered nasty and
>> must be removed!
>> thanks
>> Chris
>>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
More information about the wp-hackers
mailing list