WordPress.org

Make WordPress Core

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#10336 closed defect (bug) (fixed)

Inline CSS filter for kses

Reported by: azaozz Owned by: ryan
Priority: normal Milestone: 2.8.1
Component: Security Version:
Severity: normal Keywords:
Cc:

Description

There are quite a few nasty CSS "tricks" that are currently possible for users without the "unfiltered html" capability. Adding the inline CSS filtering from WPMU with some improvements would close that hole and still allow most basic styles through.

Attachments (1)

kses.patch (2.4 KB) - added by azaozz 4 years ago.

Download all attachments as: .zip

Change History (5)

azaozz4 years ago

comment:1 ryan4 years ago

Looks good.

comment:2 azaozz4 years ago

  • Milestone changed from Unassigned to 2.8.1

comment:3 azaozz4 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [11689]) Inline CSS filter for kses, for trunk, fixes #10336

comment:4 azaozz4 years ago

In [11688] for 2.8.1

Note: See TracTickets for help on using tickets.