101 Commits

Author SHA1 Message Date
Andrew Nacin 82229b784f Recommend the wp_kses_allowed_html filter over CUSTOM_TAGS. Soft deprecate CUSTOM_TAGS. see #17977, #20210.
git-svn-id: https://develop.svn.wordpress.org/trunk@21796 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-10 18:00:41 +00:00
Andrew Nacin cce4267f17 Remove kses allowedtags that were commented out long ago. see #17977.
git-svn-id: https://develop.svn.wordpress.org/trunk@21795 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-10 17:53:46 +00:00
Ryan Boren 0cef59e4c0 * Introduce wp_kses_allowed_html() which accepts a context string and returns an array of allowed tags.
 * Remove explicit declarations of class, id, style, and title from $allowedposttags
 * Dynamically add global attributes to every tag for the 'post' context
 * No longer calls wp_kses_array_lc() every time wp_kses() runs. Instead it runs once if CUSTOM_TAGS is true. Plugins directly passing a custom allowed_html array will no longer get the lc treatment. Keep an eye out for problems with this.
 * wp_kses_data() and wp_filter_kses() pass current_filter() for the $allowed_html argument to wp_kses().
 * wp_kses_allowed_html() handles being passed a filter name for a context. If the filter is not a recognized one it defaults to using $allowedtags as was done before for wp_kses_data() and wp_filter_kses().
 * wp_kses_allowed_html() recognizes user_description and pre_user_description out of the box. For these it takes $allowedtags and inserts rel attribute support.
 * wp_kses_allowed_html() allows plugins to override the return values for the default contexts and support arbitrary contexts via a wp_kses_allowed_html filter.
 * wp_kses_hook() can now pass a string context for $allowed_html to the pre_kses filter. We might have to pass the result of wp_kses_allowed_html() instead if it turns out that plugins are digging in $allowed_html.

fixes #17977
see #20210


git-svn-id: https://develop.svn.wordpress.org/trunk@21790 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-10 16:19:54 +00:00
Mark Jaquith addb19400a Add <small> to KSES, to hang out with its <big> brother. props SergeyBiryukov. fixes #18573
git-svn-id: https://develop.svn.wordpress.org/trunk@21777 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-06 19:08:42 +00:00
Ryan Boren daf2f84da0 Don't allow unfiltered HTML comments from a frame. Props nacin. fixes #20812
git-svn-id: https://develop.svn.wordpress.org/trunk@20974 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-01 20:47:08 +00:00
Andrew Nacin f3d77695cb Handle multiple feed: schemes.
git-svn-id: https://develop.svn.wordpress.org/trunk@20540 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-19 21:48:12 +00:00
Jon Cave 770361f4e3 Reduce memory usage in wp-includes/kses.php by switching unnecessary empty arrays to boolean. Fixes #20017.
safecss_filter_attr() block for style tags must be moved out of the is_array() only branch of wp_kses_attr() to accommodate for this.


git-svn-id: https://develop.svn.wordpress.org/trunk@19976 602fd350-edb4-49c9-b593-d223f7449a82
2012-02-21 20:33:44 +00:00
Jon Cave 156048ca52 split was deprecated in PHP 5.3.0, so use explode instead. Props garyc40. Fixes #16325.
git-svn-id: https://develop.svn.wordpress.org/trunk@19726 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-09 21:20:51 +00:00
Ryan Boren a8d77cbae9 Use lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: https://develop.svn.wordpress.org/trunk@19687 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-05 20:50:54 +00:00
Ryan Boren 676ba7043e Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: https://develop.svn.wordpress.org/trunk@19593 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-13 23:45:31 +00:00
Ryan Boren 3985ff6af3 Don't use wp_parse_args() on non associative array. Props SergeyBiryukov. see #18268
git-svn-id: https://develop.svn.wordpress.org/trunk@18856 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-01 15:54:52 +00:00
Ryan Boren 4e081d3171 phpdoc typo and readability fixes. Props SergeyBiryukov. fixes #18560
git-svn-id: https://develop.svn.wordpress.org/trunk@18827 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-29 22:57:43 +00:00
Jon Cave 9f6d53a66f Introduce wp_allowed_protocols() for use in wp_kses() and esc_url(). See #18268.
This allows plugins to filter the list of protocols used for esc_url() too, and helps us keep the list of protocols in sync.


git-svn-id: https://develop.svn.wordpress.org/trunk@18826 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-29 22:33:51 +00:00
Andrew Nacin de1dcae9d1 i before e except after c. props trepmal, fixes #17730.
git-svn-id: https://develop.svn.wordpress.org/trunk@18208 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-09 09:13:00 +00:00
Andrew Nacin 2ac4a87b89 Update FSF address in kses. props mcepl, fixes #14967.
git-svn-id: https://develop.svn.wordpress.org/trunk@18052 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-25 22:15:12 +00:00
Ryan Boren a035b3c7e9 kses optimizations. Props duck_. fixes #17045
git-svn-id: https://develop.svn.wordpress.org/trunk@17730 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-27 21:50:39 +00:00
Ryan Boren eba71eb7c0 Bring out the shears.
git-svn-id: https://develop.svn.wordpress.org/trunk@17228 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-06 04:11:14 +00:00
Ryan Boren 2c35e7b475 Update @author tag contact info. Props hakre. see #16039
git-svn-id: https://develop.svn.wordpress.org/trunk@17185 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-30 20:07:12 +00:00
Ryan Boren 97c77ba912 Add Copyright Statement, Licensing Information and Disclaimer to kses. Props hakre. Thanks Ulf Harnhammar. fixes #16039
git-svn-id: https://develop.svn.wordpress.org/trunk@17181 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-30 18:37:18 +00:00
Ryan Boren 2bc1d7f588 Don't be case sensitive to attribute names. Handle padded entities when checking for bad protocols. Normalize entities before checking for bad protocols in esc_url(). Props Mauro Gentile, duck_, miqrogroove
git-svn-id: https://develop.svn.wordpress.org/trunk@17171 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-29 20:45:37 +00:00
Ryan Boren cd4f625268 Don't be so sensitive.
git-svn-id: https://develop.svn.wordpress.org/trunk@17119 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-23 15:26:49 +00:00
Andrew Nacin d8c91db1f4 Remove more create_function calls. props huichen, see #14424.
git-svn-id: https://develop.svn.wordpress.org/trunk@16313 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-11 22:50:36 +00:00
Ryan Boren 8d9d4817a3 Add equal sign to blacklist. Props Pádraic Brady. for 3.1
git-svn-id: https://develop.svn.wordpress.org/trunk@15383 602fd350-edb4-49c9-b593-d223f7449a82
2010-07-12 14:30:39 +00:00
Ryan Boren c6f385ea6a Don't use deprecated function. Blacklist curlies.
git-svn-id: https://develop.svn.wordpress.org/trunk@15356 602fd350-edb4-49c9-b593-d223f7449a82
2010-06-30 17:46:37 +00:00
Mark Jaquith fb6501cae0 Add some new protocols for KSES. Make the list of protocols filterable. Start esc_url() with the same list. fixes #10914. props technosailor
git-svn-id: https://develop.svn.wordpress.org/trunk@14412 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-03 21:20:20 +00:00
Andrew Nacin b974013f7c Add HTML 5 elements to kses, first pass. props rmccue. see #12835.
git-svn-id: https://develop.svn.wordpress.org/trunk@14406 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-03 20:34:49 +00:00
Andrew Nacin dd306def81 Remove redundant isset() and empty() checks.
git-svn-id: https://develop.svn.wordpress.org/trunk@13770 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-19 21:29:21 +00:00
Ryan Boren f8a2a5ca31 Fix numeric entity logic in kses. Props miqrogroove. see #12284
git-svn-id: https://develop.svn.wordpress.org/trunk@13648 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-10 18:45:28 +00:00
Peter Westwood 64dce47ade Improve kses handling of attributes in valid XHTML self closed img tags. Fixes #12394 props dougal.
git-svn-id: https://develop.svn.wordpress.org/trunk@13561 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-02 22:11:08 +00:00
Andrew Nacin c9dfb91763 Spelling and grammar fun. Fixes #11875 props cnorris23
git-svn-id: https://develop.svn.wordpress.org/trunk@13382 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-24 20:13:23 +00:00
Andrew Nacin e6b37271cd Coil the kses entities whitelist. See #12284
git-svn-id: https://develop.svn.wordpress.org/trunk@13363 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-24 07:33:14 +00:00
Ryan Boren 096ea9990a Whitelist entities. Props miqrogroove. see #12284
git-svn-id: https://develop.svn.wordpress.org/trunk@13358 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-24 05:37:20 +00:00
Peter Westwood 2e2ad12171 Add missing version numbers to _deprecated_argument() calls.
Remove deprecated argument from xfn_check() calls.
Pass version number to deprecated_file_included, deprecated_function_run and deprecated_argument_run actions.
Fixes #11386 props nacin.

git-svn-id: https://develop.svn.wordpress.org/trunk@12680 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-09 10:03:55 +00:00
Peter Westwood a752e6b561 Updates and improvements to _deprecated_argument. See #11386 props nacin.
git-svn-id: https://develop.svn.wordpress.org/trunk@12584 602fd350-edb4-49c9-b593-d223f7449a82
2009-12-30 16:23:39 +00:00
Ryan Boren 56989f4f5c Allow 0xAD in URI attributes. Props nbachiyski. fixes #9823 #10859
git-svn-id: https://develop.svn.wordpress.org/trunk@12199 602fd350-edb4-49c9-b593-d223f7449a82
2009-11-17 20:18:48 +00:00
Ryan Boren 486efbd69f Introduce wp_kses_post() and wp_kses_data() for filtering unescaped data. Fixes slashing of displayed fields. fixes #10949
git-svn-id: https://develop.svn.wordpress.org/trunk@12125 602fd350-edb4-49c9-b593-d223f7449a82
2009-10-29 17:15:58 +00:00
Ryan Boren 43c201d458 Remove trailing whitespace
git-svn-id: https://develop.svn.wordpress.org/trunk@11930 602fd350-edb4-49c9-b593-d223f7449a82
2009-09-14 14:03:32 +00:00
Andrew Ozz 5d667146b8 Do not use lambda functions in wp_kses_decode_entities(), props mdawaffe, fixes #10623
git-svn-id: https://develop.svn.wordpress.org/trunk@11828 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-16 05:58:39 +00:00
Andrew Ozz 43770b1234 Fix deprecated arg. in safecss_filter_attr(), for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@11699 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-08 09:54:34 +00:00
Ryan Boren 7af7514cf0 Allow class, id, and style on headers. Props matt.
git-svn-id: https://develop.svn.wordpress.org/trunk@11692 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-06 14:37:48 +00:00
Andrew Ozz 81c8791b9d Inline CSS filter for kses, for trunk, fixes #10336
git-svn-id: https://develop.svn.wordpress.org/trunk@11689 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-04 04:49:39 +00:00
Ryan Boren 7f510a5bfb Revert accidental fxn rename
git-svn-id: https://develop.svn.wordpress.org/trunk@11212 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-05 23:32:16 +00:00
Mark Jaquith c638e8d8de _a(), _ea(), _xa(), attr() are now esc_attr__(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650
git-svn-id: https://develop.svn.wordpress.org/trunk@11204 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-05 19:43:53 +00:00
Ryan Boren 2baa2f8e58 Use preg_replace_callback instead of preg_replace with eval. Props beaulebens. see #8689
git-svn-id: https://develop.svn.wordpress.org/trunk@10339 602fd350-edb4-49c9-b593-d223f7449a82
2009-01-09 19:29:35 +00:00
Ryan Boren baaaa352ba Strip trailing whitespace
git-svn-id: https://develop.svn.wordpress.org/trunk@10150 602fd350-edb4-49c9-b593-d223f7449a82
2008-12-09 18:03:31 +00:00
Peter Westwood 9618b0260a phpDoc corrections for KSES. Fixes #7550 props jacobsantos.
git-svn-id: https://develop.svn.wordpress.org/trunk@8837 602fd350-edb4-49c9-b593-d223f7449a82
2008-09-06 06:53:45 +00:00
Ryan Boren 35657e8988 Apply kses bad-protocol checks only to URI typed attributes. Props takayukister. fixes #5917 #6888 #6910 #7512
git-svn-id: https://develop.svn.wordpress.org/trunk@8671 602fd350-edb4-49c9-b593-d223f7449a82
2008-08-19 18:43:21 +00:00
Mark Jaquith 3cab99fbd2 Cast to array when using foreach(). Props santosj (and thanks for your perseverance!). fixes #2784
git-svn-id: https://develop.svn.wordpress.org/trunk@8572 602fd350-edb4-49c9-b593-d223f7449a82
2008-08-06 20:31:54 +00:00
Peter Westwood a619cbba87 Mark kses callbacks as private. Fixes #7363.
git-svn-id: https://develop.svn.wordpress.org/trunk@8410 602fd350-edb4-49c9-b593-d223f7449a82
2008-07-23 08:36:15 +00:00
Andrew Ozz e5655cff31 kses - don't use create_function in preg_replace_callback. Fixes #7363.
git-svn-id: https://develop.svn.wordpress.org/trunk@8387 602fd350-edb4-49c9-b593-d223f7449a82
2008-07-21 05:11:00 +00:00