[wp-hackers] Bug: Every <string that is enclosed by angle
brackets> is being shredded.
Matt
speedboxer at gmail.com
Thu Mar 29 00:45:03 GMT 2007
Yes, this is rather annoying when you're posting code to a WP Blog that
doesn't allow Registration and you forget to replace <'s and >'s. Then your
code doesn't show up...
This should be submitted to Trac (http://trac.wordpress.org), by the way, if
it hasn't already.
On 3/28/07, Alexander Orlov <alexander.orlov at loxal.net> wrote:
>
> * Affected version: 2.1.2
>
> * Bug: Every <string that is enclosed by angle brackets> is being
> shredded.
>
> * Reason: Layout/design cracker protection.
>
> * Conditions: The comments are being passed to the "comment slaughter"
> function only IF they are posted by an user who is not logged in. In
> comments of logged in users the (X)HTML entities are replaced by the
> corresponding entity names.
>
> * (just A) solution: The function that is responsible for this comment
> slaughter should be modified so that it replaces all (performance?)
> existent (according to the W3C reference
> http://www.w3.org/TR/xhtml-modularization/dtd_module_defs.html )
> entities in the passed string. E.g.: "<" by "<" and ">" by ">"
> etc.
>
> --
> Best regards / Mit besten Grüßen
> Alexander Orlov
> http://www.loxal.net
> Hofmannstr. 29 * 91052 Erlangen * Germany
> Mobile: +49 (0)1577 / 385 6 583
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
Matt (speedboxer at gmail.com)
http://mattsblog.ca/
More information about the wp-hackers
mailing list