[wp-trac] [WordPress Trac] #37594: Quick Draft dashboard widget toggle button contains escaped HTML
WordPress Trac
noreply at wordpress.org
Mon Aug 8 08:32:07 UTC 2016
#37594: Quick Draft dashboard widget toggle button contains escaped HTML
----------------------------+-----------------------------------------
Reporter: afercia | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 4.6
Component: Administration | Version: trunk
Severity: normal | Keywords: needs-patch has-screenshots
Focuses: |
----------------------------+-----------------------------------------
Introduced in [37972]
The Quick Draft dashboard widget title contains some HTML, a couple of
`<span>` elements to show a different title depending on JavaScript is on
or off. In fact, when JS is off, the widget hides the "quick press" form,
shows the current user recent drafts and the title becomes "Drafts".
The same title string is used also for the "toggle" arrow and, as far as I
see, in WordPress 4.5 is not escaped but it is on trunk. The result is an
escaped HTML string in the button `screen-reader-text`:
[[Image(https://cldup.com/4jpm16bGv4.png)]]
Screen readers will read out the text as "less then span class..." etc.
Also, please notice the same string is not escaped when used for the
widget `<h2>` heading and for the checkbox label in the Screen Options.
Maybe the best option would be refactoring the HTML in order to have 2
separated strings, but WordPress 4.6 is now Release Candidate so it's
strings freeze time. The only other solution I can think of is removing
the escaping ...
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37594>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list