#24198 closed defect (bug) (fixed)
Twenty Thirteen: Script tag output to screen in entry-media (MediaElement.js Plugin Compat)
Reported by: | dh-shredder | Owned by: | |
---|---|---|---|
Milestone: | 3.6 | Priority: | normal |
Severity: | normal | Version: | 3.6 |
Component: | Bundled Theme | Keywords: | |
Focuses: | Cc: |
Description
When the MediaElement.js plugin is active, <script> tags with content are sent to the .entry-media, causing any script content to be visible in browser:
http://screen.objects.dreamhost.com/04-25-2013-15-45-19.png
This appears to be caused by:
http://core.trac.wordpress.org/browser/trunk/wp-content/themes/twentythirteen/style.css?rev=23991#L1425
It overrides the built-in style sheet of the browser (which hides <script> content).
Attachments (2)
Change History (13)
#2
@
11 years ago
In case it wasn't clear, to reproduce:
- Install and Activate MediaElement.js
- Insert a Video into a post
- View that post
Really, though, any <script>...</script>
content within the specified .entry-media
area will be visible to the user, and MediaElement.js is just one example of the issue.
#4
follow-up:
↓ 5
@
11 years ago
.1 adjusts the style.css changes to only "entry-media" for both width/height.
@obenland Why is the RTL display-inline rule needed?
#5
in reply to:
↑ 4
@
11 years ago
Replying to lancewillett:
Why is the RTL display-inline rule needed?
So that linked images do not break out of the .entry-media
container.
#7
@
11 years ago
@dh-shredder Can you re-test please and let us know if we can close the ticket as fixed?
#8
@
11 years ago
Looks good! Working perfectly now, with the same presentation whether MediaElement.js is enabled or not.
Related: [23839], [23991]