Opened 14 years ago
Closed 11 years ago
#14376 closed defect (bug) (fixed)
admin post.php fails html validation due to use of "[" in name/id/for of hidden custom fields
Reported by: | anmari | Owned by: | nacin |
---|---|---|---|
Milestone: | 3.9 | Priority: | lowest |
Severity: | normal | Version: | 3.0 |
Component: | Posts, Post Types | Keywords: | has-patch |
Focuses: | accessibility, administration | Cc: |
Description (last modified by )
Post.php is causing many many html validation errors due to hidden screen reader text for post meta fields mainly. Not a major problem, but annoying when attempting to validate admin plugin code.
eg:
<label class='screen-reader-text' for='meta[1957][key]'>Key</label><input name='meta[1957][key]' id='meta[1957][key]' tabindex='6' type='text' size='20' value='_wp_geo_latitude' /> character "[" is not allowed in the value of attribute "id" character "[" is not allowed in the value of attribute "for"
"[" are allowed in the name attribute. So perhaps one could simply strip them out them for the 'id' and the 'for'?
Other failed validation messages that occur a lot and appear to be wp generated code:
- ID "_ajax_nonce" already defined
- reference to non-existent ID "metakeyselect"
Attachments (1)
Change History (10)
#2
@
14 years ago
- Keywords needs-patch added; validation meta customfields removed
- Milestone changed from Awaiting Review to Future Release
- Priority changed from normal to lowest
We'd want to use something like sanitize_html_class() to properly remove invalid characters.
#5
@
11 years ago
- Component changed from Administration to Posts, Post Types
- Focuses administration added
#7
@
11 years ago
- Keywords has-patch added; needs-patch removed
- Milestone changed from Future Release to 3.9
Have to be careful to not reintroduce something like #21829, but 14376.patch appears to be working.
Confirmed that #metakeyselect
only exists if there is at least one non-private meta key in the database: tags/3.8.1/src/wp-admin/includes/template.php#L582.
Multiple _ajax_nonce
fields are fixed in [14933].
Speaking of
_ajax_nonce
,_ajax_nonce
&_wp_nonce
appear not to be unique in several other places of the Admin Menu (e.g. the template-edit pages like Categories). - Maybe we should open a separate ticket as in #13383?