[wp-trac] [WordPress Trac] #22436: escape recent posts widget post titles
WordPress Trac
noreply at wordpress.org
Wed Nov 14 03:37:26 UTC 2012
#22436: escape recent posts widget post titles
--------------------------+------------------------------
Reporter: niallkennedy | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Widgets | Version:
Severity: normal | Resolution:
Keywords: has-patch |
--------------------------+------------------------------
Comment (by johnbillion):
Just to expand on what Nacin said; this actually applies anywhere, not
just in the widget you mentioned. Markup is allowed in post titles and it
gets sanitized by KSES, meaning users without the `unfiltered_html`
capability are limited to tags such as `<strong>`, `<em>` and a few
others.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22436#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list