From e740c695e6bd17868c4f2750a1f0a2468d9ba3c3 Mon Sep 17 00:00:00 2001
From: Gary Pendergast
Date: Fri, 14 Dec 2018 03:28:38 +0000
Subject: [PATCH] KSES: Allow the `download` attribute on `` tags. To avoid this being a vector for bypassing the filetypes that are allowed to be uploaded, this attribute is only allowed to be added without a value. Merges [43813] from the 5.0 branch to trunk. Props kalpshit, arshidkv12, welcher, peterwilsoncc, marina_wp, pento. Fixes #44724. Built from https://develop.svn.wordpress.org/trunk@44156 git-svn-id: http://core.svn.wordpress.org/trunk@43986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/kses.php | 13 ++++++++-----
 wp-includes/version.php | 2 +-
 2 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/wp-includes/kses.php b/wp-includes/kses.php
index 964ef7fd6e..18c76c5222 100644
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@@ -61,11 +61,14 @@ if ( ! CUSTOM_TAGS ) {
 $allowedposttags = array(
 'address' => array(),
 'a' => array(
- 'href' => true,
- 'rel' => true,
- 'rev' => true,
- 'name' => true,
- 'target' => true,
+ 'href' => true,
+ 'rel' => true,
+ 'rev' => true,
+ 'name' => true,
+ 'target' => true,
+ 'download' => array(
+ 'valueless' => 'y',
+ ),
 ),
 'abbr' => array(),
 'acronym' => array(),
diff --git a/wp-includes/version.php b/wp-includes/version.php
index c78fd18f85..8fa834640b 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '5.1-alpha-44155';
+$wp_version = '5.1-alpha-44156';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
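Review bot: The `'valueless' => 'y'` restriction on the new `download` entry is the security control in this change, but nothing in the array says so; the reason (a value would let a post author choose the saved filename and extension, sidestepping the upload filetype allow-list) exists only in the commit message. I would put a comment directly above the entry, e.g. `// Valueless only: a value would set the saved filename/extension and bypass the allowed upload types.`, so that nobody later normalises it to `true` to match `href`, `rel` and the other neighbours. The code that enforces `valueless` is not in this hunk, and `$allowedposttags` itself starts and ends outside it, so it is worth confirming with a regression test that `download` carrying any value is stripped from the tag while the bare attribute survives.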