[wp-trac] [WordPress Trac] #56531: Aiming to “kill” entities, `sanitize_title_with_dashes()` happens to eat content
WordPress Trac
noreply at wordpress.org
Thu Sep 8 11:03:02 UTC 2022
#56531: Aiming to “kill” entities, `sanitize_title_with_dashes()` happens to eat
content
--------------------------+------------------------------
Reporter: anrghg | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version:
Severity: major | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Changes (by anrghg):
* keywords: needs-dev-note needs-patch =>
Comment:
Replying to [comment:3 costdev]:
> `changes-requested` refers to: "Feedback has been provided, and the
attached patch needs to be updated."
[https://make.wordpress.org/core/handbook/contribute/trac/keywords
/#status-based-keywords Reference].
>
> I'm not sure if such a change would need a dev note, so I'll leave this
to others to give their thoughts.
Sorry, indeed fixing a bug does not require any dev note, and as I’m to
provide a patch, I’m removing all other keywords as well.
== Context
It seems important to note that `sanitize_title_with_dashes()` is prone to
delete a chunk of the title instead of just the ampersand — because the
title input field seems to be plain text without automatic HTML encoding
like in the article body. None of the editors converts even `<`, resulting
in `<some words>` to become an invalid tag with an invalid attribute.
That’s another issue I ran into while testing all ASCII in titles.
Users seem to be expected to use HTML entities in the title. But
`sanitize_title_with_dashes()` handles only a few of these, deletes the
rest.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/56531#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list