[wp-trac] [WordPress Trac] #23820: Multisite: Cannot give unfiltered_html to administrator
WordPress Trac
noreply at wordpress.org
Wed Mar 20 17:38:47 UTC 2013
#23820: Multisite: Cannot give unfiltered_html to administrator
--------------------------+----------------------
Reporter: dyordan1 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Multisite | Version: 3.5.1
Severity: normal | Resolution: invalid
Keywords: |
--------------------------+----------------------
Changes (by obenland):
* keywords: 2nd-opinion =>
* status: new => closed
* resolution: => invalid
* milestone: Awaiting Review =>
Comment:
Replying to [comment:4 dyordan1]:
> I looked at the code of has_cap but couldn't figure out what was going
wrong so I submitted it here.
This is not a support forum. We have [http://wordpress.org/support/ an
actual support forum] for that.
[[BR]]
> That plugin has not been updated in a while and I don't believe in
installing a plugin for a single line of code I need.
This is unfortunate. The fact that is hasn't been updated in two years
does not mean it doesn't work anymore. Especially having the authors that
it has.
Unfiltered html for roles other than the super admin will (most likely)
never happen, for the reasons outlined in the plugin description: "Any
user could add Javascript code to steal the login cookies of any visitor
who runs a blog on the same site. The rogue user can then inpersonate any
of those users and wreak havoc." Just recently we had another prove of
that in r21774.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23820#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list