#6602 closed defect (bug) (fixed)
kses Should Prevent Duplicate Attributes
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | normal | Milestone: | 2.6.1 |
| Component: | General | Version: | 2.6 |
| Severity: | normal | Keywords: | has-patch 2nd-opinion |
| Cc: |
Description
The following is allowed, which would break a blog using strict XHTML:
<a href='foo' href='foo'>blah</a>
Attachments (1)
Change History (12)
- Resolution set to fixed
- Status changed from new to closed
- Milestone changed from 2.7 to 2.6.1
- Resolution fixed deleted
- Status changed from closed to reopened
Re-open for 2.6.1
- Resolution set to fixed
- Status changed from reopened to closed
- Resolution fixed deleted
- Status changed from closed to reopened
- Version changed from 2.5.1 to 2.9.1
Bug appears to still be valid in WP 2.9.1, despite my patch being in kses.php
comment:10
nacin — 3 years ago
- Resolution set to fixed
- Status changed from reopened to closed
- Version changed from 2.9.1 to 2.6
Re-closing (see #6642:comment:15)
comment:11
rubys — 3 years ago
- Cc rubys@… removed
Note: See
TracTickets for help on using
tickets.
Updated patch to take first attribute and ignore later duplicate attributes (per Sam Ruby's comment)