[wp-trac] Re: [WordPress Trac] #3290: Importer strips img class and
style
WordPress Trac
wp-trac at lists.automattic.com
Tue Nov 28 23:55:06 GMT 2006
#3290: Importer strips img class and style
-----------------------------+----------------------------------------------
Reporter: foolswisdom | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.1
Component: Administration | Version: 2.1
Severity: major | Resolution:
Keywords: import importer |
-----------------------------+----------------------------------------------
Comment (by foolswisdom):
1. 2. Yeah neither class nor style are safe. A friend 'anotherjesse'
explained to me how how class could be used to make ~ login prompt, and
style can have javascript within it.
It seems that the possible solution is limited to allowing importing as
filtering appropriate to the user.
--
Ticket URL: <http://trac.wordpress.org/ticket/3290#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list