#37085 closed defect (bug) (invalid)
$allowedposttags doesn't allow form inputs
Reported by: | wido | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Formatting | Keywords: | |
Focuses: | Cc: |
Description
The global $allowedposttags include the following allowed tags:
- Form
- Label
- Legend
- Textarea
But not inputs, select, option and other input tags.
So when I have a form within an html string and use wp_kses_post function I miss all of the form inputs.
Attachments (1)
Change History (7)
#1
@
8 years ago
- Keywords needs-patch added
- Milestone changed from Awaiting Review to Future Release
- Version trunk deleted
#3
@
7 years ago
I'll add new attributes and tags here https://gist.github.com/widoz/2b0e7501fb4b86103e3e529339652952#file-ksespost-php
Update: After the WordCamp Europe 2018 during the contributor day I realized a patch. Do not rely on the github snippet.
Note: See
TracTickets for help on using
tickets.
I made this little function but need more re-search about all of the allowed attributes.
Also, seems the form tag have missed the 'novalidate' attribute, but I want to read the specs about it.
Update:
Fieldset in $allowedposttags have no attributes allowed like id, class, form and name. I don't know right now for other attributes.