[buddypress-trac] [BuddyPress Trac] #2776: Most content is double-escaped in the database

buddypress-trac noreply at wordpress.org
Tue Mar 25 18:15:10 UTC 2014

#2776: Most content is double-escaped in the database
 Reporter:  DJPaul        |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  major         |   Milestone:  Future Release
Component:  Core          |     Version:
 Severity:  normal        |  Resolution:
 Keywords:                |

Comment (by boonebgorges):

 In [changeset:"8156"]:
 #!CommitTicketReference repository="" revision="8156"
 Run stripslashes filter on activity strings earlier than priority 10

 Running stripslashes() on priority 10 caused race conditions with other
 on the same content. This, in turn, causes conflicts with wptexturize(),
 cannot properly parse certain character combinations due to the incorrect
 presence of escaping slashes. This problem exhibited itself most obviously
 with the use of guillemet-style quotation marks (the slashes fooled
 wptexturize() into thinking that the opening quote was actually the
 one), but could also occur with other formatting rules.

 Because the requirement to stripslashes() is due to BuddyPress's incorrect
 escaping of much input content, we work around the race condition by
 stripslashes_deep() earlier than priority 10. This ensures that plugins
 to these filters with the default priority can expect properly formatted
 sanitized content. See #2776.

 Props chouf1, imath, needle

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/2776#comment:12>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list