Support » Plugin: Admin Code Editor » The plugin removes part of the HTML

  • Resolved alex159

    (@alex159)


    The plugin removes part of the HTML.
    When I write in code
    <div><input type=”text”>1</div>
    <div itemprop=”qwerty” itemscope itemtype=”asdf” data-size=”1024×768″>2</div>

    After saving, it turns into a
    <div>1</div>
    <div>2</div>

    Why??!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Steve Puddick

    (@stevepuddick)

    Thanks for the message. I’ll probably have time to look at this within the next week.

    Plugin Author Steve Puddick

    (@stevepuddick)

    I took a look and I can see what the problem is. The HTML is being sanitized with WordPress’s wp_kses_post function to only save allowable tags and attributes. “input”, “itemprop”, etc are not allowed with wp_kses_post and they are filtered out. I am going to leave the sanitization in place as a security precaution. However, it seems like you are an advanced coder if this is the type of HTML you are writing. If for your own use you would like to bypass this sanitization it just requires an adjustment to 1 line of code:

    On line 50 in
    admin-code-editor/admin/class-admin-code-editor-editor-html-php.php

    change
    $this->pre_code = (empty($_POST['wp-ace-html-php-pre-code'])) ? ' ' : wp_kses_post($_POST['wp-ace-html-php-pre-code']);

    to

    $this->pre_code = $_POST['wp-ace-html-php-pre-code’];

    Hope this helps 🙂

    Plugin Author Steve Puddick

    (@stevepuddick)

    Hi again,

    After second thought, I have decided using the wp_kses_post filter is overkill for filtering the type of HTML in this plugin. If someone is using this plugin, they most likely will be using advanced HTML. I have decided to remove this filter in the next release.

    Plugin Author Steve Puddick

    (@stevepuddick)

    fixed in 1.1.0.

    Thank you!
    exactly what is needed!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘The plugin removes part of the HTML’ is closed to new replies.