[buddypress-trac] [BuddyPress Trac] #5697: New class to style visibility levels
buddypress-trac
noreply at wordpress.org
Fri Jun 13 22:57:31 UTC 2014
#5697: New class to style visibility levels
-------------------------+------------------
Reporter: SGr33n | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 2.1
Component: Settings | Version:
Severity: normal | Resolution:
Keywords: has-patch |
-------------------------+------------------
Changes (by DJPaul):
* component: Core => Settings
* milestone: Awaiting Review => 2.1
Comment:
Thanks for the patch. The request seems reasonable.
We'll need to adjust the patch, slightly: `printf( $r['before_radio'],
$level['id'] )` should be `printf( $r['before_radio'], esc_attr(
$level['id'] ) )` in case someone figures out a way of inserting harmful
XSS-type markup into the `class=` property. It also helps from a code
review perspective that we know the output's being escaped safely in case
a future change to BuddyPress accidentally introduces a problem.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5697#comment:1>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list