Backport SA-CORE-2020-010

Created on 18 August 2021, over 3 years ago

Updated 3 November 2023, about 1 year ago

Problem/Motivation

The editor_caption filter provided by this module is a backport of the image caption filter provided by Drupal 8 core and is affected by SA-CORE-2020-010 → .

Proposed resolution

Ideally, the fix for SA-CORE-2020-010 → should be backported. Backporting the core fix is blocked by #2826458: Allow the "Limit allowed HTML tags" filter to also restrict HTML attributes, and only allow a small list of attributes by default → .

If the fix cannot be backported, the editor_caption filter should be deprecated/removed from the D7 editor module.

📌 Task

Status

Fixed

Version

1.0

Component

Code

Created by

🇺🇸United States joegraduate Arizona, USA

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment about 1 year ago →
🇨🇦Canada devin carlson Sudbury, ON
This is now fixed.
Comment about 1 year ago →
🇺🇸United States joegraduate Arizona, USA
Thanks @Devin Carlson. Linking to relevant commit for reference: https://git.drupalcode.org/project/editor/-/commit/e57cf64901e30044c10a1...
Comment about 1 year ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024