Ready to get started?Download WordPress

Make WordPress Core

Context Navigation

← Previous Ticket
Next Ticket →

Opened 3 years ago

Last modified 2 years ago

#17847 new defect (bug)

wp_kses_hair is too stringent

Reported by:	jorbin	Owned by:
Priority:	normal	Milestone:	Awaiting Review
Component:	Formatting	Version:	1.5
Severity:	normal	Keywords:	has-patch
Cc:

Description

attributes from custom xml name spaces may use colons, but the regex used inside wp_kses_hair doesn't allow them through.

Attachments (1)

18320.diff (577 bytes) - added by jorbin 3 years ago.

Download all attachments as: .zip

Change History (5)

jorbin — 3 years ago

Attachment 18320.diff added

comment:1 nacin — 3 years ago

Component changed from Security to Formatting

Can you provide some test cases as to what these attributes look like?

comment:2 jorbin — 3 years ago

addthis:url is one example

comment:3 johnbillion — 2 years ago

Google Products is one too, using g:* for many attributes in their product data feeds.

comment:4 kurtpayne — 2 years ago

Version set to 1.5

Note: See TracTickets for help on using tickets.

Download in other formats: