WordPress.org

Make WordPress Core

Changeset 23316


Ignore:
Timestamp:
01/22/2013 03:36:57 PM (5 years ago)
Author:
nacin
Message:

Verify tags used in the gallery shortcode.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/media.php

    r23264 r23316  
    736736    $itemtag = tag_escape($itemtag);
    737737    $captiontag = tag_escape($captiontag);
     738    $icontag = tag_escape($icontag);
     739    $valid_tags = wp_kses_allowed_html( 'post' );
     740    if ( ! isset( $valid_tags[ $itemtag ] ) )
     741        $itemtag = 'dl';
     742    if ( ! isset( $valid_tags[ $captiontag ] ) )
     743        $captiontag = 'dd';
     744    if ( ! isset( $valid_tags[ $icontag ] ) )
     745        $icontag = 'dt';
     746
    738747    $columns = intval($columns);
    739748    $itemwidth = $columns > 0 ? floor(100/$columns) : 100;
Note: See TracChangeset for help on using the changeset viewer.