[wp-trac] [WordPress Trac] #64748: Privacy: get_the_privacy_policy_link() should strip HTML tags and return plain text
WordPress Trac
noreply at wordpress.org
Sat Feb 28 19:38:22 UTC 2026
#64748: Privacy: get_the_privacy_policy_link() should strip HTML tags and return
plain text
-----------------------------------+------------------------
Reporter: wildworks | Owner: (none)
Type: defect (bug) | Status: reviewing
Priority: normal | Milestone: 7.1
Component: Privacy | Version: 4.9.8
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion | Focuses:
-----------------------------------+------------------------
Changes (by westonruter):
* owner: westonruter => (none)
Comment:
Replying to [comment:13 sabernhardt]:
> 3. Use `wp_kses()` with a //small// set of allowed elements, not
`wp_kses_post()`. Possibilities include `br`, `em`, and `strong`, but I
would prefer to have specific examples of how they are appropriate before
adding support for each of them.
I like this option, to allow a small list of formatting tags which are
expected to be used in titles.
Also, I see that markup provided in `post_title` does not get rendered in
the post list table. If I provide `Read the <code>SCRIPT</code>` in a post
title, I see that as-is in the post list table, but on the frontend I see
it rendered as “Read the `SCRIPT`”. While that may be the existing
behavior, it's probably not ideal and some formatting should be used.
Nevertheless, the block editor doesn't currently facilitate formatting of
text in the title, while the classic editor did. You can still use the
quick edit interface on post list table to provide markup, however. See
[https://github.com/WordPress/gutenberg/issues/20320 Gutenberg#20320] for
the feature request.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/64748#comment:14>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list