[wp-trac] Re: [WordPress Trac] #8763: Unescaped CDATA in [gallery] Output

WordPress Trac wp-trac at lists.automattic.com
Tue Dec 30 23:26:44 GMT 2008


#8763: Unescaped CDATA in [gallery] Output
--------------------------+-------------------------------------------------
 Reporter:  miqrogroove   |        Owner:       
     Type:  defect (bug)  |       Status:  new  
 Priority:  normal        |    Milestone:  2.7.1
Component:  Gallery       |      Version:  2.7  
 Severity:  normal        |   Resolution:       
 Keywords:                |  
--------------------------+-------------------------------------------------
Comment (by miqrogroove):

 I thought I would be able to patch this easily, but I am still confused by
 the intended outcome.  If I apply wp_specialchars() to the gallery output,
 it does not escape entity references.  Is it better to use
 htmlspecialchars() and potentially break existing entities in the gallery,
 or does the patch need to change the visual editor to also use
 wp_specialchars() ?

-- 
Ticket URL: <http://trac.wordpress.org/ticket/8763#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list