[wp-trac] [WordPress Trac] #20125: Escape output in settings_errors
WordPress Trac
wp-trac at lists.automattic.com
Mon Feb 27 06:37:53 UTC 2012
#20125: Escape output in settings_errors
-----------------------------+------------------------------
Reporter: tollmanz | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.0
Severity: normal | Resolution:
Keywords: has-patch close |
-----------------------------+------------------------------
Changes (by solarissmoke):
* keywords: has-patch => has-patch close
Comment:
Replying to [ticket:20125 tollmanz]:
> My patch tries to allow common, reasonable tags to be output. I use
"wp_kses_data", which will only allow tags defined in the $allowedtags
variable.
Generally !WordPress does not restrict plugins in this manner - IMO that's
what makes the plugin API so powerful. I think it's the responsibility of
plugin authors to make sure their code doesn't break things.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/20125#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list