WordPress.org
Get WordPress

Make WordPress Core

Opened 16 years ago

Closed 16 years ago

Last modified 7 years ago

#10336 closed defect (bug) (fixed)

Inline CSS filter for kses

Reported by: azaozz's profile azaozz Owned by: ryan's profile ryan
Milestone: 2.8.1 Priority: normal
Severity: normal Version:
Component: Security Keywords:
Focuses: Cc:

Description

There are quite a few nasty CSS "tricks" that are currently possible for users without the "unfiltered html" capability. Adding the inline CSS filtering from WPMU with some improvements would close that hole and still allow most basic styles through.

Attachments (1)

kses.patch (2.4 KB) - added by azaozz 16 years ago.

Download all attachments as: .zip

Change History (6)

@azaozz
16 years ago

#1 @ryan
16 years ago

Looks good.

#2 @azaozz
16 years ago

  • Milestone changed from Unassigned to 2.8.1

#3 @azaozz
16 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [11689]) Inline CSS filter for kses, for trunk, fixes #10336

#4 @azaozz
16 years ago

In [11688] for 2.8.1

This ticket was mentioned in Slack in #core-editor by sergey. View the logs.
7 years ago

Note: See TracTickets for help on using tickets.