[wp-trac] Re: [WordPress Trac] #5998: Invalid Unicode characters
    WordPress Trac 
    wp-trac at lists.automattic.com
       
    Tue Jun 16 14:32:22 GMT 2009
    
    
  
#5998: Invalid Unicode characters
--------------------------+-------------------------------------------------
 Reporter:  shelleyp      |       Owner:  hakre                        
     Type:  defect (bug)  |      Status:  assigned                     
 Priority:  normal        |   Milestone:  2.9                          
Component:  Charset       |     Version:  2.3.3                        
 Severity:  normal        |    Keywords:  needs-patch reporter-feedback
--------------------------+-------------------------------------------------
Comment(by codedread):
 The reporter's case is the following:
 Turn on true XHTML serving in WordPress (i.e. serving the
 application/xhtml+xml MIME type).  Malicious commenters come in and inject
 invalid code points into a comment on the blog.  WordPress does not handle
 some invalid code points (U+FFFE and U+FFFF specifically) so the result is
 that the blog now has a "Yellow Screen Of Death".
-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/5998#comment:9>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
    
    
More information about the wp-trac
mailing list