Opened 15 months ago

Last modified 7 months ago

#20210 closed defect (bug)

Always allow the standard attributes for all elements when filtering content using kses for posts. — at Version 2

Reported by: westi Owned by:
Priority: normal Milestone: 3.5
Component: Formatting Version: 3.4
Severity: normal Keywords: needs-patch
Cc: westi

Description (last modified by westi)

The list of allowed attributes to configure kses for post content filtering is hit and miss.

We should always allow the standard attributes: class, id, style and title.

We should also make any other extend attributes consistent.

Related: #18649, #18133 / #17977

Change History (2)

comment:1   westi15 months ago

[UT569] is a start on some tests for these kind of issues.

comment:2   westi15 months ago

  • Description modified (diff)
Note: See TracTickets for help on using tickets.