[wp-trac] [WordPress Trac] #17270: strip_tags function in XML RPC needs replacing with regex

WordPress Trac wp-trac at lists.automattic.com
Thu Apr 28 16:32:47 UTC 2011 

#17270: strip_tags function in XML RPC needs replacing with regex
--------------------------+-----------------------------
 Reporter:  majick777     |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  XML-RPC       |    Version:  3.1
 Severity:  normal        |   Keywords:  needs-patch
--------------------------+-----------------------------
 I've been working on a plugin that works with pingbacks, and I have come
 across a problem with a line in class-wp-xmlrpc-server.php which uses
 strip_tags.

 (line 3422 in WP 3.1):
 $linea = strip_tags( $linea, '<a>' ); // just keep the tag we need

 For some reason this function is not working properly at all on some
 templates (or that is the way it seems) and instead of returning all the
 <a> tags is cutting a lot of them out, making it seem to the server like
 there is no target link in the source URI, and thus returning a pingback
 fault 17 unnecessarily. And this means a large percentage of genuine
 pingbacks are failing without the user even knowing about it!

 I suspect the function is having trouble with plugins that insert
 javascript near the header of the page, though it could be otherwise, as I
 have done a test to see what is left after this line is run, it returns
 some garbled javascript, no links at all from the post content (where the
 source links actually were), and then the menu links.

 I have included a workaround in my new plugin:
 http://wordpress.org/extend/plugins/pingchecker/
 Basically it does a regex match for links in your content, then echoes
 them in a hidden div in the footer, making it much easier for the
 strip_tags function to actually find them. It works pretty well so I'm not
 fussed myself, but I thought it worth writing about..

 This line really needs to be replaced with the regex match in the actual
 server code for future WordPress users too. I don't know regex myself, but
 I used sample code I found here
 (http://regexadvice.com/forums/thread/48395.aspx) for this regex
 expression, which seems to work really well.

 In any case, strip_tags is not doing a reliable job at this and needs
 replacing. Hopefully this finds its way to the right person able to fix
 this. Thanks!

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/17270>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list