HTML5 <video> elements stripped in kses.php

[GChriss]

WordPress currently strips the  new HTML5 <video> element as it is unrecognized. The attached patch allows <video> passthrough in postings and comments.

Hopefully this patch (or a derivative) could be incorporated into WordPress proper.

Patch to kses.php to enable HTML5 <video> passthrough

I'm 100% certain we don't wan't porn and spamercials in comments.

<video> should be preserved only in postings IMO... allow posting videos in comment is dangerous.

No <audio>? No <source>?

Related: http://core.trac.wordpress.org/ticket/10247

see also #9437

This probably needs to support the source elements as well, so we can build in fallbacks for safari, firefox, IE, etc. You need the source element to be able to do that.

Our biggest problem is that the wysiwyg editor strips out <video> tags which makes it hard for people to edit posts without a lot of technical experience. Will this bug help with that? (I'm not sure what role kses.php plays in that.)

It's not hard to stop TinyMCE stripping <video>, <audio> and other new HTML 5.0 tags. The problem is what would the browsers show in the contentEditable iframe and would that bring any security problems. KSES is the backend HTML safety filter.