[wp-trac] Re: [WordPress Trac] #3290: Importer strips img class and style

WordPress Trac wp-trac at lists.automattic.com
Tue Nov 28 23:55:06 GMT 2006

#3290: Importer strips img class and style
 Reporter:  foolswisdom      |        Owner:  anonymous
     Type:  defect           |       Status:  new      
 Priority:  high             |    Milestone:  2.1      
Component:  Administration   |      Version:  2.1      
 Severity:  major            |   Resolution:           
 Keywords:  import importer  |  
Comment (by foolswisdom):

 1. 2. Yeah neither class nor style are safe. A friend 'anotherjesse'
 explained to me how how class could be used to make ~ login prompt, and
 style can have javascript within it.

 It seems that the possible solution is limited to allowing importing as
 filtering appropriate to the user.

Ticket URL: <http://trac.wordpress.org/ticket/3290#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list