[wp-trac] [WordPress Trac] #53098: Add all HTML spec attributes to wp kses
WordPress Trac
noreply at wordpress.org
Tue Apr 27 11:02:19 UTC 2021
#53098: Add all HTML spec attributes to wp kses
-------------------------------+------------------------------
Reporter: malthert | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version:
Severity: normal | Resolution:
Keywords: reporter-feedback | Focuses:
-------------------------------+------------------------------
Changes (by audrasjb):
* keywords: => reporter-feedback
Comment:
Hello,
Currently, the list of allowed tags and attributes is an allowlist, not a
blocklist. Therefore, we need to add the HTML elements and attributes in
the allowlist one by one.
This is handled in the `$allowedposttags` global, defined in the `wp-
includes/kses.php` file:
https://core.trac.wordpress.org/browser/tags/5.7.1/src/wp-
includes/kses.php#L50
So. In order to help this ticket to move forward, we need a proposal
concerning the tags and attributes you want to add to the allowlist.
Please feel free to make a proposal. I think it would be great to add some
explanation on why each tag or attribute should be allowlisted :)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53098#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list