Closed aaroncampbell closed 5 years ago
iandunn
commented
5 years ago 🤔 , I can't really think of any reason why we wouldn't allow wp_kses_data(), or even wp_kses_post(). We already do that in a lot of other places.
I don't know exactly where that one comes from
It's in a separate plugin, since CampTix proper is distributed in the w.org repo.
iandunn
commented
5 years ago I'll go ahead and make that change and merge this.
aaroncampbell
commented
5 years ago 🤔 , I can't really think of any reason why we wouldn't allow
wp_kses_data(), or evenwp_kses_post(). We already do that in a lot of other places.
Seems reasonable to me and honestly sounds perfect for these kind of use cases!
Thanks!
iandunn
commented
5 years ago Bleh, nevermind, I think the way CampTix makes the data available to the Backbone template would require some refactoring in order to change to wp_kses_*.
<input type="hidden" data-model-attribute="question" value="<?php echo esc_attr( $question->post_title ); ?>" />So, I'm just gonna merge the make_clickable() commit instead.
I'm not opposed to that refactoring, but it seems like a pretty low priority.
It seems that we have some special labels on WordCamp sites that include links (like the "learn more" link for being included on the attendees page, which links to https://wordpress.org/about/privacy/). I don't know exactly where that one comes from, but events can't do this themselves because we
esc_html()those elements. If we at least run that label throughmake_clickable()then they can include URLs for getting more information. You can see a good example of needing this on the WCUS 2019 Ticket Page where we try to link people to more information about the various contributor teams.Honestly more HTML there would be awesome, but
make_clickable()seems like a safe and simple workaround for now.