[wp-trac] [WordPress Trac] #25485: Why does esc_attr not double encode entities by default?
WordPress Trac
noreply at wordpress.org
Wed Mar 26 15:29:23 UTC 2014
#25485: Why does esc_attr not double encode entities by default?
--------------------------+------------------------------
Reporter: smerriman | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: 3.6.1
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Changes (by SergeyBiryukov):
* milestone: => Awaiting Review
Comment:
Currently, it's safe to assume that `esc_attr( esc_attr() )` doesn't break
anything (see comment:7:ticket:20009 for example), which won't be the case
with double-encoding.
The issue with saving `©` in the Tagline field seems worth
investigating. At a glance, however, it doesn't have anything to do with
`esc_attr()`, as it doesn't escape HTML entities.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/25485#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list