Make WordPress Core

Opened 11 years ago

Closed 11 years ago

Last modified 11 years ago

#24198 closed defect (bug) (fixed)

Twenty Thirteen: Script tag output to screen in entry-media (MediaElement.js Plugin Compat)

Reported by: dh-shredder's profile dh-shredder Owned by:
Milestone: 3.6 Priority: normal
Severity: normal Version: 3.6
Component: Bundled Theme Keywords:
Focuses: Cc:


When the MediaElement.js plugin is active, <script> tags with content are sent to the .entry-media, causing any script content to be visible in browser:

This appears to be caused by:

It overrides the built-in style sheet of the browser (which hides <script> content).

Attachments (2)

24198.diff (2.9 KB) - added by obenland 11 years ago.
24198.1.diff (2.5 KB) - added by lancewillett 11 years ago.

Download all attachments as: .zip

Change History (13)

#1 @SergeyBiryukov
11 years ago

  • Milestone changed from Awaiting Review to 3.6

Related: [23839], [23991]

#2 @dh-shredder
11 years ago

In case it wasn't clear, to reproduce:

Really, though, any <script>...</script> content within the specified .entry-media area will be visible to the user, and MediaElement.js is just one example of the issue.

11 years ago

#3 @obenland
11 years ago

  • Keywords has-patch added; needs-patch removed

#4 follow-up: @lancewillett
11 years ago

.1 adjusts the style.css changes to only "entry-media" for both width/height.

@obenland Why is the RTL display-inline rule needed?

#5 in reply to: ↑ 4 @obenland
11 years ago

Replying to lancewillett:

Why is the RTL display-inline rule needed?

So that linked images do not break out of the .entry-media container.

#6 @lancewillett
11 years ago

In 24159:

Twenty Thirteen: update entry-media selector to be much more selective. Props obenland for beginning patch. See #24198.

#7 @lancewillett
11 years ago

@dh-shredder Can you re-test please and let us know if we can close the ticket as fixed?

#8 @dh-shredder
11 years ago

Looks good! Working perfectly now, with the same presentation whether MediaElement.js is enabled or not.

#9 @dh-shredder
11 years ago

  • Keywords close added; has-patch removed

#10 @lancewillett
11 years ago

  • Keywords has-patch added; close removed
  • Resolution set to fixed
  • Status changed from new to closed

Thanks Shredder. Closing.

#11 @lancewillett
11 years ago

  • Keywords has-patch removed
Note: See TracTickets for help on using tickets.