Opened 2 years ago
Last modified 2 years ago
#56521 new defect (bug)
wp_kses wp_kses_hair fails to allow a valueless attribute when it is followed by /
| Reported by: | luistar15 | Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | major | Version: | 6.0.2 |
| Component: | Security | Keywords: | has-patch |
| Focuses: | | Cc: | |
Description
I have created a static gutenberg block for managing forms.
The block generates <input> html elements, for example:
    <input name="email" required/>
But after saving the post, the required attribute is stripped in the db:
    <input name="email"/>
So the visitors are sending the form ignoring the validation.
It only happens when the attribute is the last one and is followed by / without spaces:
    <input name="email" required>   => OK
    <input name="email" required/>  => ERROR
    <input name="email" required /> => OK
I put together a test case:
    // theme/functions.php
    add_action( 'init', function () {
        $tests = [
            '<input name="email" required>',
            '<input name="email" required/>',
            '<input name="email" required />',
        ];
        $allowed_html = [
            'input' => [
                'name'     => true,
                'required' => true,
            ],
        ];
        header( 'Content-Type: text/plain; charset=UTF-8', true );
        foreach ( $tests as $test ) {
            $sanitized = wp_kses( $test, $allowed_html );
            printf( "_in => %s\nout => %s\n\n", $test, $sanitized );
        }
        exit;
    } );
I have found where the error could be fixed:
    // wp-includes/kses.php:1320
    if ( preg_match( '/^\s+/', $attr ) ) { // Valueless.
Replacing the regex /^\s+/ with /^(\s+|\/$)/ fixes the problem.
I'm hoping it can be fixed for the next release, until then I'm manually applying the patch again.
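The parsing failure the ticket describes, as an added example that is neither WordPress's code nor the reporter's patch: a constructed, simplified Python model of the wp_kses_hair attribute loop, parameterised on the valueless-attribute regex so the original /^\s+/ and the proposed /^(\s+|\/$)/ can be run on the three inputs from the report. The mode structure and the fallback token skip are assumptions drawn from the ticket's description of where the check sits, not a copy of kses.php.

```python
import re

# Added, constructed model of the attribute-parsing loop in wp_kses_hair().
# This is NOT WordPress's code: it models only the name / valueless / value
# modes the ticket touches, and takes the "valueless" regex as a parameter so
# the regex quoted in the ticket and the proposed replacement can be compared.
BUGGY_VALUELESS = r"^\s+"          # regex the ticket points at in kses.php
FIXED_VALUELESS = r"^(\s+|/$)"     # replacement proposed in the ticket


def parse_attrs(attr: str, valueless_re: str) -> dict:
    """Return {name: value} for the attribute string of one tag."""
    attrs, mode, name = {}, 0, ""
    while attr:
        working = 0
        if mode == 0:                                  # expecting an attribute name
            m = re.match(r"^([_a-zA-Z][-_a-zA-Z0-9:.]*)", attr)
            if m:
                name, mode, working = m.group(1), 1, 1
                attr = attr[m.end():]
        elif mode == 1:                                # after a name: '=' or valueless?
            if re.match(r"^\s*=\s*", attr):
                mode, working = 2, 1
                attr = re.sub(r"^\s*=\s*", "", attr)
            elif re.match(valueless_re, attr):         # the check the ticket patches
                attrs.setdefault(name, "")
                mode, working = 0, 1
                attr = re.sub(r"^\s+", "", attr)
        else:                                          # mode 2: quoted or bare value
            m = re.match(r'''^"([^"]*)"\s*|^'([^']*)'\s*|^([^\s"']+)\s*''', attr)
            if m:
                attrs[name] = next(g for g in m.groups() if g is not None)
                mode, working = 0, 1
                attr = attr[m.end():]
        if not working:                                # no progress: drop one token
            attr = re.sub(r"^\S*\s*", "", attr)
            mode = 0
    if mode == 1 and name not in attrs:                # list ended right after a name
        attrs[name] = ""
    return attrs


def compare(attr: str) -> tuple:
    """Attribute names kept with the original regex vs. the proposed one."""
    return (sorted(parse_attrs(attr, BUGGY_VALUELESS)),
            sorted(parse_attrs(attr, FIXED_VALUELESS)))
```

With the original regex the trailing / leaves the parser in the name-seen state with nothing it recognises, so the fallback skip consumes the / and `required` is never recorded; with the replacement, / at end of string is accepted as the delimiter of a valueless attribute.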
Change History (1)
#1 (2 years ago): This ticket was mentioned in PR #3200 on WordPress/wordpress-develop by luistar15.
- Keywords has-patch added
PR #3200 description:
wp_kses_hair fails to parse a valueless attribute at the end of the list. For example:
    <input name="email" required/>
will strip the required attribute. This change fixes it.
https://core.trac.wordpress.org/ticket/56521