#6602 closed defect (bug) (fixed)
kses Should Prevent Duplicate Attributes
Reported by: | schiller | Owned by: | |
---|---|---|---|
Milestone: | 2.6.1 | Priority: | normal |
Severity: | normal | Version: | 2.6 |
Component: | General | Keywords: | has-patch 2nd-opinion |
Focuses: | Cc: |
Description
The following is allowed, which would break a blog using strict XHTML:
<a href='foo' href='foo'>blah</a>
Attachments (1)
Change History (12)
#7
@
16 years ago
- Milestone changed from 2.7 to 2.6.1
- Resolution fixed deleted
- Status changed from closed to reopened
Re-open for 2.6.1
#9
@
15 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
- Version changed from 2.5.1 to 2.9.1
Bug appears to still be valid in WP 2.9.1, despite my patch being in kses.php
#10
@
15 years ago
- Resolution set to fixed
- Status changed from reopened to closed
- Version changed from 2.9.1 to 2.6
Re-closing (see #6642:comment:15)
Note: See
TracTickets for help on using
tickets.
Updated patch to take first attribute and ignore later duplicate attributes (per Sam Ruby's comment)