UCF / WP-Shortcode-Interface

Creates a shortcode interface that provides a form for inserting and updating shortcodes.

Field sanitization #9

Open cjg89 opened 7 years ago

cjg89 commented 7 years ago

Values from attribute fields in the shortcode interface should be sanitized before being passed back to TinyMCE to avoid the creation of invalid shortcodes and/or attributes.

For example, when editing the "class" attribute of a button shortcode, if I add a value of " data-bad-attr="something" ", the following is inserted into the WYSIWYG editor:

[button class="" data-bad-attr="something" ""][/button]

jmbarne3 commented 7 years ago

Look into adding a validation regex, with sane defaults based on field type and some presets (i.e. a regex for css classes).
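
An added example, not part of the thread or of the plugin's code: one way the validation suggested above could look, with per-field-type regex presets applied before the shortcode string is handed to the editor. The function names, the preset names (`css-class`, `number`) and the `{ name, type, value }` field shape are assumptions made for illustration.

```javascript
// Added example: hypothetical helpers, not part of WP-Shortcode-Interface.
// Per-field-type presets; every token of a value must fully match the preset.
const PRESETS = {
  'css-class': { split: /\s+/, token: /^-?[_a-zA-Z][_a-zA-Z0-9-]*$/ },
  'number':    { token: /^-?\d+(\.\d+)?$/ },
};

// Characters that would end the quoted value or the shortcode tag itself.
const BREAKING_CHARS = /["\[\]]/g;

function sanitizeAttrValue(value, fieldType) {
  const raw = String(value == null ? '' : value).trim();
  const preset = PRESETS[fieldType];
  if (!preset) {
    // Default for free-text fields: drop the delimiter characters only.
    return raw.replace(BREAKING_CHARS, '');
  }
  const tokens = preset.split ? raw.split(preset.split) : [raw];
  // Keep only tokens that match the preset; everything else is rejected.
  return tokens.filter((t) => preset.token.test(t)).join(' ');
}

function buildShortcode(tag, fields, content) {
  // fields: [{ name, type, value }] as collected from the form (assumed shape).
  const attrs = fields
    .map((f) => ({ name: f.name, value: sanitizeAttrValue(f.value, f.type) }))
    // Skip attributes with an invalid name or nothing left after sanitizing.
    .filter((f) => /^[a-z][a-z0-9_-]*$/i.test(f.name) && f.value !== '')
    .map((f) => ` ${f.name}="${f.value}"`)
    .join('');
  return `[${tag}${attrs}]${content || ''}[/${tag}]`;
}

// Constructed input reproducing the value from the issue report.
const reported = '" data-bad-attr="something" "';
console.log(buildShortcode('button', [{ name: 'class', type: 'css-class', value: reported }]));
console.log(buildShortcode('button', [{ name: 'class', type: 'css-class', value: 'btn btn-primary' }]));
```

The same check would also need to run server-side when the shortcode is rendered, since anything typed directly into the editor bypasses the form.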