[wp-trac] [WordPress Trac] #23820: Multisite: Cannot give unfiltered_html to administrator
WordPress Trac
noreply at wordpress.org
Wed Mar 20 18:00:03 UTC 2013
#23820: Multisite: Cannot give unfiltered_html to administrator
--------------------------+----------------------
Reporter: dyordan1 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Multisite | Version: 3.5.1
Severity: normal | Resolution: invalid
Keywords: |
--------------------------+----------------------
Comment (by dyordan1):
Replying to [comment:5 obenland]:
> Replying to [comment:4 dyordan1]:
> > I looked at the code of has_cap but couldn't figure out what was going
wrong so I submitted it here.
>
> This is not a support forum. We have [http://wordpress.org/support/ an
actual support forum] for that.
has_cap is a core function. Look at the code I posted and if you tell me
it really is a support question I'll leave this closed and move along.
> > That plugin has not been updated in a while and I don't believe in
installing a plugin for a single line of code I need.
>
> This is unfortunate. The fact that is hasn't been updated in two years
does not mean it doesn't work anymore. Especially having the authors that
it has.
>
> Unfiltered html for roles other than the super admin will (most likely)
never happen, for the reasons outlined in the plugin description: "Any
user could add Javascript code to steal the login cookies of any visitor
who runs a blog on the same site. The rogue user can then inpersonate any
of those users and wreak havoc." Just recently we had another prove of
that in r21774.
I am not asking to see it in core, I am trying to do it on one customized
theme which will be used on one network with full control over who gets
administrator roles.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23820#comment:6>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list