WordPress.org

Make WordPress Core

Opened 4 years ago

Closed 6 months ago

#18245 closed enhancement (maybelater)

Make the visual editor KSES filter/user capabilities aware

Reported by: azaozz Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Editor Keywords: reporter-feedback
Focuses: Cc:

Description

Currently the visual editor assumes "unlimited html" for all users. This can result in some surprises when a user doesn't have that capability.

We can make a function that translates the KSES allowed tags and attributes into TinyMCE format and sets the editor accordingly.

Change History (4)

comment:1 @azaozz4 years ago

  • Milestone changed from Awaiting Review to Future Release

comment:2 @WraithKenny4 years ago

  • Cc Ken@… added

comment:3 @chriscct76 months ago

  • Keywords reporter-feedback added

@azaozz Do you know if there a function for this now? I'm almost certain there is.

comment:4 @azaozz6 months ago

  • Milestone Future Release deleted
  • Resolution set to maybelater
  • Status changed from new to closed

It is possible to do even better/easier in TinyMCE 4.0. We can set the allowed_elements without worrying that some internals would break.

However the usefulness of this is quite limited. Kses was fixed/expanded several times since this ticket. Generally by default the users cannot add "forbidden" tags and attributes, so this would apply only for plugins that extend the editor and only in certain cases. Also, we cannot stop the users adding arbitrary content in the Text editor.

Thinking this is something we can revisit in the future if a need arises.

Note: See TracTickets for help on using tickets.