Make WordPress Core

Opened 4 years ago

Last modified 4 years ago

#48873 new defect (bug)

CSS Selectors in style tags containing greater than signs are escaped

Reported by: bfintal's profile bfintal Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.3
Component: Formatting Keywords:
Focuses: Cc:


If you have unfiltered html disallowed, and you have in your content a style tag with a > selector, the selector will be escaped into > preventing the CSS from working.

I've used the wp_kses_allowed_html filter to allow style tags in wp_kses.
I also have this defined to disallow unfiltered html:


Sample content:

body > header {
    background: red;

Saving this with unfiltered html disallowed would result in:

body &gt; header {
    background: red;

Since it's escaped, the CSS stops working.

I don't think there's a way to allow allow > signs in <style> tags.

Change History (1)

#1 @SergeyBiryukov
4 years ago

  • Component changed from General to Formatting
Note: See TracTickets for help on using tickets.