[buddypress-trac] [BuddyPress Trac] #2776: Most content is double-escaped in the database
buddypress-trac
noreply at wordpress.org
Tue Mar 25 18:15:10 UTC 2014
#2776: Most content is double-escaped in the database
--------------------------+-----------------------------
Reporter: DJPaul | Owner:
Type: defect (bug) | Status: new
Priority: major | Milestone: Future Release
Component: Core | Version:
Severity: normal | Resolution:
Keywords: |
--------------------------+-----------------------------
Comment (by boonebgorges):
In [changeset:"8156"]:
{{{
#!CommitTicketReference repository="" revision="8156"
Run stripslashes filter on activity strings earlier than priority 10
Running stripslashes() on priority 10 caused race conditions with other
filters
on the same content. This, in turn, causes conflicts with wptexturize(),
which
cannot properly parse certain character combinations due to the incorrect
presence of escaping slashes. This problem exhibited itself most obviously
with the use of guillemet-style quotation marks (the slashes fooled
wptexturize() into thinking that the opening quote was actually the
closing
one), but could also occur with other formatting rules.
Because the requirement to stripslashes() is due to BuddyPress's incorrect
escaping of much input content, we work around the race condition by
running
stripslashes_deep() earlier than priority 10. This ensures that plugins
hooking
to these filters with the default priority can expect properly formatted
and
sanitized content. See #2776.
Props chouf1, imath, needle
}}}
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/2776#comment:12>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list