[wp-trac] [WordPress Trac] #46878: Site Health: Allow 'target' in 'a' tags in the debug data description
WordPress Trac
noreply at wordpress.org
Mon Apr 22 20:39:24 UTC 2019
#46878: Site Health: Allow 'target' in 'a' tags in the debug data description
-----------------------------------+---------------------
Reporter: kraftbj | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: 5.2
Component: Administration | Version: trunk
Severity: normal | Resolution:
Keywords: site-health has-patch | Focuses:
-----------------------------------+---------------------
Changes (by azaozz):
* keywords: site-health needs-patch => site-health has-patch
Comment:
In 46878.5.diff:
- Do not use kses to sanitize section descriptions.
- Add a bit more docs explaining the expected format of the strings.
The section descriptions come directly from plugins, and are not used in
the data for copying. There's no need to sanitize them as mentioned above.
The fields names and values are run through `esc_html()` and all of the
data for copying is sanitized with `esc_attr()`. They do not support HTML
tags. Don't think they need additional sanitization.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46878#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list