[wp-trac] Re: [WordPress Trac] #7869: Colorizing comments should be
enabled
WordPress Trac
wp-trac at lists.automattic.com
Sun Oct 12 00:00:12 GMT 2008
#7869: Colorizing comments should be enabled
-------------------------+--------------------------------------------------
Reporter: huji | Owner: anonymous
Type: enhancement | Status: new
Priority: normal | Milestone: 2.8
Component: General | Version:
Severity: normal | Resolution:
Keywords: |
-------------------------+--------------------------------------------------
Comment (by DD32):
If you're an admin, You can use any HTML in comments AFAIK, That includes
using font tags with color attribute, or using the style attribute.
I wasnt even aware that BBCode was used by WordPress?(Actually, Doesnt
appear so)
The HTML tags which general commenters can use is highly restricted in
order to prevent a malicious comment running JS or inserting malicious
content, JS can be executed via the style attribute under IE AFAIK, as
well as a few other attributes which should be generally 'safe'..except
when using certain browsers.
--
Ticket URL: <http://trac.wordpress.org/ticket/7869#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list