#48376 closed enhancement (fixed)
Update kses safecss_filter_attr function to allow gradient backgrounds
Reported by: | jorgefilipecosta | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 5.3.1 | Priority: | normal |
Severity: | normal | Version: | 5.3 |
Component: | Formatting | Keywords: | has-patch |
Focuses: | Cc: |
Description
Currently, our KSES rules remove gradient backgrounds from style attributes (on contributor roles).
The block editor is introducing a mechanism to allow users to create and use a custom background. If our KSES rules are not updated, only roles with unfiltered HTML permissions will take advantage of this functionality.
I think our KSES rules should be updated. URL backgrounds, for example, are accepted, given that's the case, I think gradients should also be accepted. Ultimately what one can do with gradient background one can do with a URL background.
Related block editor issue:
https://github.com/WordPress/gutenberg/issues/17938
Related block editor PR's:
https://github.com/WordPress/gutenberg/pull/17603
https://github.com/WordPress/gutenberg/pull/18001
Attachments (1)
Change History (7)
This ticket was mentioned in Slack in #core-editor by peterwilsoncc. View the logs.
5 years ago
#3
@
5 years ago
- Component changed from General to Formatting
- Milestone changed from Awaiting Review to 5.3.1
As a test case, I did the following:
Logged as a contributor rule.
Opened code editor mode.
Pasted the following content:
Submitted the post for review.
Reloaded the editor and verified the gradient was still being applied (without this patch, the gradient is removed).
GitHub PR where we can see the green CI light: https://github.com/WordPress/wordpress-develop/pull/110