Skip to:

Opened 13 years ago

Closed 13 years ago

#1426 closed defect (bug) (fixed)

Filter the content for HTML tags

Reported by: gautamgupta's profile GautamGupta Owned by:
Milestone: 2.0 Priority: high
Severity: critical Version:
Component: Back-end Keywords:


We should filter HTML tags for users who don't have the cap 'unfiltered_html'. We can probably have a new function bbp_allowed_tags() or use the ones allowed in comments and use strip_tags in new/edit topic/reply functions.

Attachments (1)

sec.diff (30.2 KB) - added by GautamGupta 13 years ago.

Download all attachments as: .zip

Change History (3)

13 years ago

#1 @GautamGupta
13 years ago

The attached patch fixes #1389, #1411 and this (#1426) and adds topic_content and _excerpt functions.

#2 @johnjamesjacoby
13 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [2780]) Introduce _content functions for topics and replies. Introduce our own allowed_tags for handling HTML. Add nofollow to links in content. Properly sanitize topic and reply slugs. Fixes #1426, #1389, #1411. Props GautamGupta via Google Code-in

Note: See TracTickets for help on using tickets.