[wp-trac] [WordPress Trac] #59082: Titles and descriptions in RSS feeds need to use CDATA to encode special characters.
WordPress Trac
noreply at wordpress.org
Fri Aug 11 21:09:10 UTC 2023
#59082: Titles and descriptions in RSS feeds need to use CDATA to encode special
characters.
--------------------------+-----------------------------
Reporter: jsmoriss | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Feeds | Version: 6.3
Severity: major | Keywords:
Focuses: |
--------------------------+-----------------------------
Only some RSS XML tag values are enclosed in CDATA, but all values that
include special characters should be enclosed in CDATA so we can encode
them, like UTF8, emojis, etc. (see https://validator.w3.org/feed/).
For example the item description in feed-rss.php uses CDATA:
{{{
<description><![CDATA[<?php the_excerpt_rss(); ?>]]></description>
}}}
But the channel description does not:
{{{
<description><?php bloginfo_rss( 'description' ); ?></description>
}}}
Only some description tags use CDATA:
{{{
wordpress/wp-includes$ grep '<description>' feed*
feed-rdf.php: <description><?php bloginfo_rss( 'description' );
?></description>
feed-rdf.php: <description><![CDATA[<?php the_excerpt_rss();
?>]]></description>
feed-rdf.php: <description><![CDATA[<?php the_excerpt_rss();
?>]]></description>
feed-rss2-comments.php: <description><?php bloginfo_rss( 'description' );
?></description>
feed-rss2-comments.php: <description><?php echo ent2ncr(
__( 'Protected Comments: Please enter your password to view comments.' )
); ?></description>
feed-rss2-comments.php: <description><![CDATA[<?php
comment_text_rss(); ?>]]></description>
feed-rss2.php: <description><?php bloginfo_rss( 'description' );
?></description>
feed-rss2.php: <description><![CDATA[<?php
the_excerpt_rss(); ?>]]></description>
feed-rss2.php: <description><![CDATA[<?php
the_excerpt_rss(); ?>]]></description>
feed-rss.php: <description><?php bloginfo_rss( 'description' );
?></description>
feed-rss.php: <description><![CDATA[<?php the_excerpt_rss();
?>]]></description>
}}}
And **none** of the title tags use CDATA:
{{{
wordpress/wp-includes$ grep '<title>' feed*
feed-atom-comments.php: <title>
feed.php: <title>' . $rss_title . '</title>
feed-rdf.php: <title><?php wp_title_rss(); ?></title>
feed-rdf.php: <title><?php the_title_rss(); ?></title>
feed-rss2-comments.php: <title>
feed-rss2-comments.php: <title>
feed-rss2.php: <title><?php wp_title_rss(); ?></title>
feed-rss2.php: <title><?php the_title_rss(); ?></title>
feed-rss.php: <title><?php wp_title_rss(); ?></title>
feed-rss.php: <title><?php the_title_rss(); ?></title>
}}}
I found this issue because a site's title contained an encoded special
character and an RSS reader refused to parse the XML because the title
value was not in a CDATA enclosure.
js.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59082>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list