[wp-trac] [WordPress Trac] #63738: HTML API: Internal updates in 6.9
WordPress Trac
noreply at wordpress.org
Thu Sep 4 14:38:30 UTC 2025
#63738: HTML API: Internal updates in 6.9
--------------------------------------+---------------------
Reporter: dmsnell | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: 6.9
Component: HTML API | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses:
--------------------------------------+---------------------
Comment (by jonsurrell):
In [changeset:"60706" 60706]:
{{{
#!CommitTicketReference repository="" revision="60706"
HTML API: Prevent adding dangerous double-escape SCRIPT contents.
Prevent WP_Tag_Processor::set_modifiable_text() from allowing SCRIPT
contents with "<script" like it does with "</script". Either of these
sequences may affect the script element's close.
Developed in https://github.com/WordPress/wordpress-develop/pull/9560.
Props jonsurrell, westonruter, dmsnell.
See #63738.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/63738#comment:29>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list