[wpmu-trac] [WordPress MU Trac] #339: WPMU still needs
'unfiltered_html'
capability present, just not assigned to users by default
WordPress MU Trac
wpmu-trac at lists.automattic.com
Wed May 16 00:24:25 GMT 2007
#339: WPMU still needs 'unfiltered_html' capability present, just not assigned to
users by default
--------------------------+-------------------------------------------------
Reporter: JeremyVisser | Owner: somebody
Type: defect | Status: new
Priority: normal | Milestone: WPMU 1.0
Component: component1 | Version: 1.0
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
In WPMU, the {{{unfiltered_html}}} capability has been removed.
Functionality gone, as far as I'm aware.
I realise this is for security reasons; you wouldn't want Joe Schmoe
posting any old HTML. However is this not also achievable simply by not
assigning the {{{unfiltered_html}}} capability by default?
In [539], you have a log message:
Remove unfiltered_html cap so plugins don't accidently allow unsafe html
through
Are there not still legitimate cases of specially granting users
{{{unfiltered_html}}}, like for the site admin user, or when a site admin
explicitly grants it?
I think the code should still be present in WPMU, just 'in hibernation',
ready for oddball users like me to turn it on.
--
Ticket URL: <http://trac.mu.wordpress.org/ticket/339>
WordPress MU Trac <http://mu.wordpress.org/>
WordPress Multiuser
More information about the wpmu-trac
mailing list