Make WordPress Core

Changes between Version 2 and Version 3 of Ticket #37134, comment 20


Ignore:
Timestamp:
06/03/2020 08:12:14 PM (4 years ago)
Author:
azaozz
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #37134, comment 20

    v2 v3  
    22- (minor) The filter is for a regex, not "chars", perhaps the filter name and the var name should mention that :)
    33- Allowing `(`, `)`, etc. can be done now, but it's still a potential security breach. Thinking there should be at least some more documentation on why these are not allowed by default, and what would be "safe" there.
    4 - Perhaps instead of filtering/replacing the regex, the whole check can be done preemptively? Seems to make more sense if/when plugins want to use another method of checking for safe CSS.
     4- Perhaps instead of filtering/replacing the regex, the whole check can be done preemptively? Seems to make more sense if/when plugins want to use another method of checking for safe CSS. This will also allow several plugins to run their checks instead of overriding one another.