Add pre-save content filter to make target=_blank always secure.

Props notnownikki, iseulde, azaozz
Fixes #43187

git-svn-id: https://develop.svn.wordpress.org/trunk@42770 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Ozz
2018-03-02 14:41:04 +00:00
parent c3615b2688
commit 6d094f61bb
5 changed files with 160 additions and 8 deletions

View File

@@ -1015,12 +1015,12 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control
'rendered' => '<a href="#">link</a>',
),
'description' => array(
'raw' => '<a href="#" target="_blank">link</a>',
'rendered' => '<p><a href="#" target="_blank">link</a></p>',
'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
),
'caption' => array(
'raw' => '<a href="#" target="_blank">link</a>',
'rendered' => '<p><a href="#" target="_blank">link</a></p>',
'raw' => '<a href="#" target="_blank" rel="noopener noreferrer">link</a>',
'rendered' => '<p><a href="#" target="_blank" rel="noopener noreferrer">link</a></p>',
),
),
),