[wp-trac] [WordPress Trac] #30421: Add ARIA attributes to globally permitted HTML attributes in kses

WordPress Trac noreply at wordpress.org
Wed Mar 11 18:51:34 UTC 2015


#30421: Add ARIA attributes to globally permitted HTML attributes in kses
-------------------------------------+-------------------------------------
 Reporter:  jwenerd                  |       Owner:
     Type:  enhancement              |      Status:  new
 Priority:  normal                   |   Milestone:  Future Release
Component:  Formatting               |     Version:
 Severity:  normal                   |  Resolution:
 Keywords:  kses needs-patch needs-  |     Focuses:  accessibility,
  unit-tests early                   |  administration
-------------------------------------+-------------------------------------
Changes (by jorbin):

 * keywords:  kses needs-patch needs-unit-tests => kses needs-patch needs-
     unit-tests early
 * milestone:  4.2 => Future Release


Comment:

 https://core.trac.wordpress.org/attachment/ticket/30421/aria-kses-1.diff
 combined with https://core.trac.wordpress.org/attachment/ticket/30421
 /aria-kses-test.diff is really close to what I think we should go with,
 but we need to do a bit more verification that none of these are going to
 introduce any unintended security holes.

 I'm adding the early tag as I think a bit more verification on what each
 aria attribute does to ensure they can't be exploited, along with making
 sure we have all of the aria attributes covered this can make it in early
 in 4.3

--
Ticket URL: <https://core.trac.wordpress.org/ticket/30421#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list