Skip to:
Content
Pages
Categories
Search
Top
Bottom

1.0.1 upgrade breaks HTML in welcome text block


  • Joss Winn
    Participant

    @josswinn

    15 years, 5 months ago

    I’ve just upgraded to 1.0.1 and noticed that the welcome text widget no longer displays HTML. Is this intentional? :-( I’m using the default BuddyPress themes with no modifications (and I didn’t upgraded them).

    Thanks.

Viewing 3 replies - 1 through 3 (of 3 total)

  • takuya
    Participant

    @takuya

    15 years, 5 months ago

    what’s ur link?

    HTML filters are normally managed by KSES not buddypress, but maybe there’s a new function that filters HTML.


    Andy Peatling
    Keymaster

    @apeatling

    15 years, 5 months ago

    There is an attribute_escape() call added to the content of the widget in 1.0.1, otherwise the widget poses as a potential security threat (unfiltered html).

    You can remove the attribute_escape() call on line 42 of bp-core-widgets.php but you might be better off duplicating the widget and creating your own unfiltered version. You should be careful with this though.


    Joss Winn
    Participant

    @josswinn

    15 years, 5 months ago

    Thanks for your quick response, Andy.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘1.0.1 upgrade breaks HTML in welcome text block’ is closed to new replies.

Topic Info

Topic Tags

Skip to toolbar